Web Application Cookies Not Marked Secure

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

HTTP session cookies might be transmitted in cleartext.

Description :

The remote web application sets various cookies throughout a user's
unauthenticated and authenticated session. However, there are
instances where the application is running over unencrypted HTTP or
the cookies are not marked 'secure', meaning the browser could send
them back over an unencrypted link under certain circumstances. As a
result, it may be possible for a remote attacker to intercept these
cookies.

Note that this plugin detects all general cookies missing the 'secure'
cookie flag, whereas plugin 49218 (Web Application Session Cookies
Not Marked Secure) will only detect session cookies from an
authenticated session missing the secure cookie flag.

See also :

https://www.owasp.org/index.php/SecureFlag

Solution :

Each cookie should be carefully reviewed to determine if it contains
sensitive data or is relied upon for a security decision.

If possible, ensure all communication occurs over an encrypted channel
and add the 'secure' attribute to all session cookies or any cookies
containing sensitive data.
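The following is an added example, not code from the Nessus plugin or from Tenable, showing the check the solution above asks for in a form a developer or reviewer can run offline: it parses individual Set-Cookie header values, flags any cookie that lacks the 'Secure' attribute (or that was set on a plaintext HTTP response at all, where the flag cannot protect it), and shows how the same header looks once hardened. The sample headers, cookie names and the helper names are constructed for the example.

```python
"""Added example (not part of the Nessus plugin): audit Set-Cookie headers
for the 'Secure' attribute and produce the hardened form of each header.

Constructed sample input; cookie names and values are placeholders."""
from dataclasses import dataclass
from typing import List, Set, Tuple


@dataclass
class CookieAudit:
    name: str            # cookie name from the name=value pair
    secure: bool         # True when a Secure attribute is present
    attributes: List[str]
    finding: str         # empty string when nothing is wrong


def parse_set_cookie(header_value: str) -> Tuple[str, List[str], Set[str]]:
    """Split one Set-Cookie value into (name, attribute list, lowercase attribute names).

    Attributes are separated by ';'; the first segment is the name=value pair.
    Attribute names are case-insensitive per RFC 6265, hence the lowercasing."""
    parts = [p.strip() for p in header_value.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs = [p for p in parts[1:] if p]
    attr_names = {a.split("=", 1)[0].strip().lower() for a in attrs}
    return name, attrs, attr_names


def audit_cookies(set_cookie_headers: List[str], scheme: str = "https") -> List[CookieAudit]:
    """Return one CookieAudit per header, with a finding where the cookie is exposed.

    scheme is the scheme of the response that carried the headers."""
    results = []
    for header in set_cookie_headers:
        name, attrs, attr_names = parse_set_cookie(header)
        secure = "secure" in attr_names
        if scheme.lower() != "https":
            # The cookie already travelled in cleartext when it was set.
            finding = "cookie set over unencrypted HTTP; it can be observed in transit"
        elif not secure:
            # A browser may send a non-Secure cookie back over http:// to the same host.
            finding = "missing Secure attribute; browser may return it over an unencrypted link"
        else:
            finding = ""
        results.append(CookieAudit(name, secure, attrs, finding))
    return results


def harden(header_value: str) -> str:
    """Return the header value with '; Secure' appended when it is missing."""
    _, _, attr_names = parse_set_cookie(header_value)
    if "secure" in attr_names:
        return header_value
    return header_value.rstrip("; ") + "; Secure"


# Constructed sample headers, as a scanner might collect them from a response.
SAMPLE_HEADERS = [
    "JSESSIONID=abc123; Path=/; HttpOnly",      # session cookie, no Secure flag
    "prefs=dark; Path=/; Secure",               # already hardened
    "tracking=xyz; Domain=example.com; Path=/", # general cookie, no Secure flag
]

if __name__ == "__main__":
    for result in audit_cookies(SAMPLE_HEADERS):
        status = "ok" if not result.finding else result.finding
        print(f"{result.name:<12} secure={result.secure!s:<5} {status}")
    for header in SAMPLE_HEADERS:
        print("hardened:", harden(header))
```

Run against a real response, feed it each Set-Cookie header value separately (do not join them with commas, since Expires values contain commas) together with the scheme the response came over; every non-empty finding corresponds to a cookie this plugin would report.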

Risk factor :

None

Family: Web Servers

Nessus Plugin ID: 85602

Bugtraq ID:

CVE ID:
