Vulnerabilities / SSL cookie without Secure flag

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
↓

Severity	low
CWE Name	SSL cookie without Secure flag
CWE ID	CWE-614
CWE Score	3.1
Compliance	OWASP TOP10 -> A2, A7 PCI-DSS -> 6.5.10 HIPAA -> 164.306(a)
CVSS	3.0
Attack Vector	Network
Attack Complexity	High
Privileges Required	None
User Interaction	Required
Scope	Unchanged
Confidentiality Impact	Low
Integrity Impact	None
Availability Impact	None

SSL cookie without Secure flag