CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
CWE版本: 4.18
更新日期: 2025-09-09
弱点描述
The Secure attribute for sensitive cookies in HTTPS sessions is not set.
常见后果
影响范围: Confidentiality
技术影响: Read Application Data
说明: Omitting the secure flag makes it possible for the user agent to send the cookies in plaintext over an HTTP session.
潜在缓解措施
阶段: Implementation
描述: Always set the secure attribute when the cookie should be sent via HTTPS only.
检测方法
方法: Automated Static Analysis
Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect "sources" (origins of input) with "sinks" (destinations where the data interacts with external components, a lower layer such as the OS, etc.)
有效性: High
观察示例
参考: CVE-2004-0462
A product does not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in plaintext over an HTTP session with the product.
参考: CVE-2008-3663
A product does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
参考: CVE-2008-3662
A product does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
参考: CVE-2008-0128
A product does not set the secure flag for a cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.
引入模式
| 阶段 | 说明 |
|---|---|
| Implementation | - |