This script is Copyright (C) 2017 Tenable Network Security, Inc.
HTTP cookies have an 'Expires' attribute that is set with a past date
The remote web application sets various cookies throughout a user's
unauthenticated and authenticated session. However, Nessus has
detected that one or more of the cookies have an 'Expires' attribute
that is set with a past date or time, meaning that these cookies will
be removed by the browser.
See also :
Each cookie should be carefully reviewed to determine if it contains
sensitive data or is relied upon for a security decision.
If needed, set an expiration date in the future so the cookie will
persist or remove the Expires cookie attribute altogether to convert
the cookie to a session cookie.
Risk factor :
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now