CVE-2011-4729

Loading...

General

Score:5.0/10.0
Severity:Medium
Category:N/A

Impact Metrics

Confidentiality:Partial
Integrity:None
Availability:None

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Published on 16/12/11 - Updated on 29/08/17

Description

The Server Administration Panel in Parallels Plesk Panel 10.2.0_build1011110331.18 does not include the HTTPOnly flag in a Set-Cookie header for a cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie, as demonstrated by cookies used by login_up.php3 and certain other files.

Category:

There is insufficient information about the issue to classify it; details are unknown or unspecified.

Security Notices

US National Vulnerability DatabaseCVE-2011-4729

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
parallelsparallels_plesk_panel

Share this vulnerability with:

Twitter Facebook LinkedIn Mail