Description
A cookie is only protected by the Secure flag if the server includes the Secure attribute in its Set-Cookie header; without it, the browser attaches the cookie to plain http:// requests as well as to https:// ones. A session cookie transmitted over an unencrypted connection can be read by anyone positioned on the network path (a man-in-the-middle attacker), who can then replay it to take over the victim's session. The exposure exists even when the application itself is served only over HTTPS: an attacker on the path can inject a request to http:// on the same host into any unencrypted page the victim loads, and the browser will send the cookie with that request in the clear.
Recommendation
Set the Secure attribute on every session cookie, and on any other cookie that carries sensitive data such as a session token or user credentials. With Secure set, the browser sends the cookie only over encrypted (HTTPS) connections, so a passive or active network attacker cannot capture it in transit. The Secure flag protects the cookie on the wire only: it does not stop script access (that is the role of HttpOnly) and does not by itself move the site to HTTPS, so deploy it together with an HTTP-to-HTTPS redirect and HTTP Strict Transport Security (HSTS).
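The following Python example is added here to illustrate both the finding and the fix; it is not code from the original page. It audits a list of Set-Cookie headers for the missing Secure attribute, rating cookies whose names look like session identifiers as high severity, and it builds a hardened session cookie with Python's standard http.cookies module. The sample headers are constructed for the example, and the list of name fragments used to recognise session cookies is an assumption, not a standard.

```python
"""Audit Set-Cookie headers for the Secure flag and emit a hardened cookie."""
from http.cookies import SimpleCookie

# Constructed sample headers for the example; not captured from a real application.
SAMPLE_HEADERS = [
    "JSESSIONID=3A1F9C2E7B; Path=/; HttpOnly",                      # session cookie, no Secure
    "PHPSESSID=9f2c1a7d; Path=/; Secure; HttpOnly; SameSite=Lax",   # correctly flagged
    "theme=dark; Path=/; Max-Age=31536000",                          # non-sensitive preference
    "csrftoken=Kq8Zp3; Path=/; SameSite=Strict",                     # token, no Secure
]

# Assumed heuristic: name fragments that usually indicate a session or auth cookie.
SESSION_NAME_HINTS = ("sess", "sid", "token", "auth")


def parse_set_cookie(header: str) -> tuple[str, str, set[str]]:
    """Split one Set-Cookie header into (name, value, lower-cased attribute names).

    Attribute values (Path=/, Max-Age=...) are discarded; only the presence of
    each attribute matters for this check.
    """
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs: set[str] = set()
    for attr in parts[1:]:
        if not attr:
            continue  # tolerate a trailing ';'
        key, _, _ = attr.partition("=")
        attrs.add(key.strip().lower())
    return name.strip(), value, attrs


def is_session_cookie(name: str) -> bool:
    """Return True if the cookie name looks like a session or auth identifier."""
    lowered = name.lower()
    return any(hint in lowered for hint in SESSION_NAME_HINTS)


def audit(headers: list[str]) -> list[tuple[str, str]]:
    """Return (cookie name, severity) for every cookie that lacks the Secure flag.

    A missing Secure flag on a session cookie is 'high'; on any other cookie 'low'.
    """
    findings = []
    for header in headers:
        name, _, attrs = parse_set_cookie(header)
        if "secure" not in attrs:
            severity = "high" if is_session_cookie(name) else "low"
            findings.append((name, severity))
    return findings


def hardened_session_cookie(name: str, value: str) -> str:
    """Build a Set-Cookie value with Secure, HttpOnly and SameSite set."""
    cookie = SimpleCookie()
    cookie[name] = value
    cookie[name]["secure"] = True     # only sent over HTTPS
    cookie[name]["httponly"] = True   # not readable from script
    cookie[name]["path"] = "/"
    cookie[name]["samesite"] = "Lax"
    return cookie[name].OutputString()


if __name__ == "__main__":
    for cookie_name, severity in audit(SAMPLE_HEADERS):
        print(f"{severity.upper()}: cookie '{cookie_name}' is set without the Secure flag")
    print("Hardened header:", hardened_session_cookie("JSESSIONID", "3A1F9C2E7B"))
```

Running the block against the sample headers reports JSESSIONID and csrftoken as high and theme as low; PHPSESSID, which already carries Secure, is not reported. Feeding the hardened header back into audit() produces no finding, which is the quickest way to confirm that a fix actually changed what the browser will see.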
References
- OWASP: Secure Cookie Flag
- OWASP: Session Management Cheat Sheet
- Wikipedia: Man-in-the-middle attack
- MDN Web Docs: Secure cookie
- CWE-16
- CWE-614
- OWASP 2021-A5
Related Issues
- Cookie without Secure Flag - Vulnerability
- Session Cookie without HttpOnly Flag - Vulnerability
- Session Cookie without SameSite Flag - Vulnerability
- Cookie without HttpOnly Flag - Vulnerability
Tags:
- HTTP Headers
- SSL/TLS
- Cookie
- Man-in-the-middle Attack
- Application Misconfiguration
Last updated on May 13, 2024