AXA Browser agent cookies "x-apm-brtm-servertime" vulnerability
Article ID: 185425
Updated On:
Products
CA Application Performance Management Agent (APM / Wily / Introscope)
CA Application Performance Management (APM / Wily / Introscope)
INTROSCOPE
DX Application Performance Management
CA Application Experience Analytics SaaS (AXA)
Issue/Introduction
A security vulnerability is reported on the cookies of AXA browser agent
(a) Mark all cookies used within the application as secure
(b) Mark the cookie as HTTPOnly.
Environment
AXA 17.3.2
Browser Agent
Resolution
These cookies only store data related to AXA. Nothing related to the actual application data is stored in these cookies.
This is false positive and shouldn't be of concern.
This is false positive and shouldn't be of concern.
Feedback
Yes
No
Powered by
