cve/2004/CVE-2004-0462.md

### [CVE-2004-0462](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0462)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The built-in web servers for multiple networking devices do not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session with the same server.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/aemon1407/KWSPZapTest
- https://github.com/faizhaffizudin/Case-Study-Hamsa
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2004-0462](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0462)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`The built-in web servers for multiple networking devices do not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session with the same server.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/aemon1407/KWSPZapTest`
			`- https://github.com/faizhaffizudin/Case-Study-Hamsa`