What is CVE-2022-3251?

CVE-2022-3251 is a high-severity vulnerability in Ikus060 Ikus060/minarca, classified under Sensitive Cookie in HTTPS Session Without 'Secure' Attribute. CVSS score: 7.5/10. Published 2022-09-21.

How severe is CVE-2022-3251?

High severity. CVSS v3 base score is 7.5 out of 10.

Vulnerability in Ikus060 Ikus060/minarca

CVE-2022-3251

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/minarca prior to 4.2.2.

EPSS: 0.002 (39.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Ikus060 Ikus060/minarca — versions unspecified

Weakness classification (CWE)

CWE-614 — Sensitive Cookie in HTTPS Session Without 'Secure' Attribute

References

huntr.dev/bounties/b9a1b411-060b-4235-9426-e39bd0a1d6d9 (x_refsource_CONFIRM)
github.com/ikus060/minarca/commit/7b5c7e6cbd59268d5cd4f1b5f42e721db116f71a (x_refsource_MISC)

Frequently asked questions

What is CVE-2022-3251?: CVE-2022-3251 is a high-severity vulnerability in Ikus060 Ikus060/minarca, classified under Sensitive Cookie in HTTPS Session Without 'Secure' Attribute. CVSS score: 7.5/10. Published 2022-09-21.
How severe is CVE-2022-3251?: High severity. CVSS v3 base score is 7.5 out of 10.