CVE-2015-3207

Published: Jul 7, 2022
Updated: May 9, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2015-3207" target="_blank" rel="noopener"> CVE-2015-3207
GHSA: <a href="https://github.com/advisories/GHSA-rqph-25q9-9jhp" target="_blank" rel="noopener"> GHSA-rqph-25q9-9jhp
Severity: Medium
Exploit:

In Openshift Origin 3 the cookies being set in console have no 'secure', 'HttpOnly' attributes.

CVSS v3:

CVSS v2:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
openshift / origin	3.0.0	3.0.0.x
github.com/openshift/origin	-	1.0.0