← Back

CVE-2010-5148

nvd nist
Published: Aug 23, 2012Modified: Apr 29, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

Websense Web Security and Web Filter before 7.1 Hotfix 21 do not set the secure flag for the Encrypted Session (SSL) cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.

Affected (2)

Websense
2 products
Websense Web Filter
Websense Web Security
Configuration A
2 vulnerable
Vulnerable SoftwareAffected Versions
Websense Web Filter
Up to 7.0
Websense Web Security
Up to 7.0

References (6)

Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.