Vulnerability Details CVE-2020-29024
Sensitive Cookie in HTTPS Session Without 'Secure' Attribute vulnerability in (GTA) GoToAppliance of Secomea GateManager could allow an attacker to gain access to sensitive cookies. This issue affects: Secomea GateManager all versions prior to 9.3.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.3%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
Products affected by CVE-2020-29024
-
cpe:2.3:h:secomea:gatemanager_4250:-
-
cpe:2.3:h:secomea:gatemanager_4260:-
-
cpe:2.3:h:secomea:gatemanager_8250:-
-
cpe:2.3:h:secomea:gatemanager_9250:-
-
cpe:2.3:o:secomea:gatemanager_4250_firmware:-
-
cpe:2.3:o:secomea:gatemanager_4250_firmware:9.0i
-
cpe:2.3:o:secomea:gatemanager_4250_firmware:9.7.622134021
-
cpe:2.3:o:secomea:gatemanager_4260_firmware:-
-
cpe:2.3:o:secomea:gatemanager_4260_firmware:9.0g
-
cpe:2.3:o:secomea:gatemanager_4260_firmware:9.0i
-
cpe:2.3:o:secomea:gatemanager_4260_firmware:9.7.622134021
-
cpe:2.3:o:secomea:gatemanager_8250_firmware:9.1b
-
cpe:2.3:o:secomea:gatemanager_8250_firmware:9.2
-
cpe:2.3:o:secomea:gatemanager_8250_firmware:9.2b
-
cpe:2.3:o:secomea:gatemanager_8250_firmware:9.2c
-
cpe:2.3:o:secomea:gatemanager_9250_firmware:-
-
cpe:2.3:o:secomea:gatemanager_9250_firmware:9.0g
-
cpe:2.3:o:secomea:gatemanager_9250_firmware:9.0i
-
cpe:2.3:o:secomea:gatemanager_9250_firmware:9.7.622134021