Possible Social Security Number in Cookie

Info Nessus Network Monitor Plugin ID 4671

Synopsis

The remote web server sent a cookie with what appears to be an embedded Social Security Number.

Description

The remote web server sent a cookie with what appears to be an embedded Social Security Number. You should manually verify that confidential data is not being leaked from the network.

Solution

Ensure that confidential data is not passed within plaintext cookies. Note: PVS only reports on the first occurence of this item on a web server. Parse your entire web source for similar occurrences.

Plugin Details

Severity: Info

ID: 4671

Family: Data Leakage

Published: 2008/09/15

Modified: 2015/06/01

Dependencies: 1442

Risk Information

Risk Factor: Info