EMC VPLEX GeoSynchrony 4.x and 5.x prior to 5.3 does not include the HTTPOnly flag in a Set-Cookie header for an unspecified cookie, which makes it easier for remote malicious users to obtain potentially sensitive information via script access to this cookie.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
emc vplex geosynchrony 5.0 |
||
emc vplex geosynchrony 4.0 |
||
emc vplex geosynchrony 5.2 |
||
emc vplex geosynchrony 5.1 |
||
emc vplex geosynchrony 5.2.1 |