CVE-2021-40650: Medium severity software ag connx vulnerability
Published Jun 14, 2022
·Updated
In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have the secure flag set.
Affected Software
1 affected component
Softwareag Connx=6.2.0.1269
Event History
Jun 14, 2022
CVE Published
via MITRE·09:37 AM
Data Sourced
via MITRE·09:37 AM
Description
Frequently Asked Questions
1
What is CVE-2021-40650?
CVE-2021-40650 is a vulnerability in Connx Version 6.2.0.1269 (20210623) where a cookie can be issued by the application without the secure flag set.
2
What is the severity level of CVE-2021-40650?
CVE-2021-40650 has a severity level of medium, with a CVSS score of 6.5.
3
How does CVE-2021-40650 affect Connx Version 6.2.0.1269?
CVE-2021-40650 affects Connx Version 6.2.0.1269 by allowing a cookie to be issued without the secure flag set.
4
How can I fix the CVE-2021-40650 vulnerability?
To fix the CVE-2021-40650 vulnerability, ensure that the secure flag is set for all cookies issued by the Connx application.
5
Where can I find more information about CVE-2021-40650?
More information about CVE-2021-40650 can be found on the Connx website or the GitHub repository associated with the vulnerability.