CVE-2008-2558 — MEDIUM (5.0)

Q: What is CVE-2008-2558?

CVE-2008-2558 is a vulnerability with a CVSS score of 5.0 (MEDIUM). CRE Loaded 6.2.13.1 and earlier does not set the "Secure" attribute for cookies that are sent over HTTPS, which might allow remote attackers to sniff the cookies if they are sent over HTTP.

Q: How severe is CVE-2008-2558?

CVE-2008-2558 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2008-2558?

Check the references section above for vendor advisories and patch information. Affected products include: Cre Loaded Cre Loaded.

Vulnerability Description

CRE Loaded 6.2.13.1 and earlier does not set the "Secure" attribute for cookies that are sent over HTTPS, which might allow remote attackers to sniff the cookies if they are sent over HTTP.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:P/I:N/A:N

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Cre Loaded	Cre Loaded	<= 6.2.13.1

Related Weaknesses (CWE)

CWE-310

References

FAQ

What is CVE-2008-2558?

CVE-2008-2558 is a vulnerability with a CVSS score of 5.0 (MEDIUM). CRE Loaded 6.2.13.1 and earlier does not set the "Secure" attribute for cookies that are sent over HTTPS, which might allow remote attackers to sniff the cookies if they are sent over HTTP.

How severe is CVE-2008-2558?

CVE-2008-2558 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2008-2558?

Check the references section above for vendor advisories and patch information. Affected products include: Cre Loaded Cre Loaded.