Vulnerability Details CVE-2021-40649
In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have the HttpOnly flag set.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.9%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 6.4
References
Products affected by CVE-2021-40649
-
cpe:2.3:a:softwareag:connx:6.2.0.1269