Session Cookie without Secure Flag
Impact: Medium
Description
The absence of the Secure
flag in session cookies allows them to be transmitted over unencrypted connections, making them vulnerable to interception by attackers conducting man-in-the-middle (MitM) attacks. A session cookie without the Secure
flag can be captured by attackers monitoring network traffic.
Recommendation
To enhance security, always set the Secure
flag for session cookies, especially those containing sensitive information such as session tokens or user credentials. This ensures that session cookies are only transmitted over secure, encrypted connections, mitigating the risk of interception by attackers.
References
- CWE-16
- CWE-614
- MDN Web Docs: Secure cookie
- OWASP 2021-A5
- OWASP: Secure Cookie Flag
- OWASP: Session Management Cheat Sheet
- Wikipedia: Man-in-the-middle attack
👉 You might also like:
Cookie without Secure Flag - Vulnerability
Session Cookie without HttpOnly Flag - Vulnerability
Session Cookie without SameSite Flag - Vulnerability
Cookie without HttpOnly Flag - Vulnerability
Last updated on May 13, 2024