icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Persistent Cookie Utilization

Info

Synopsis

The remote web server utilizes persistent cookies.

Description

The remote web server utilizes persistent cookies. Persistent cookies are stored on the hard drive by the user browser. If there is confidential data within the cookies (such as user ID, authentication tokens, etc.), an attacker with access to the hard drive can view this data.

Solution

Ensure that persistent cookies are not used for any sort of confidential data. Note: PVS only reports on the first occurence of this item on a web server. Parse your entire web source for similar occurrences.