ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

AXA Browser agent cookies "x-apm-brtm-servertime" vulnerability


Article ID: 185425


Updated On:


CA Application Performance Management Agent (APM / Wily / Introscope) CA Application Performance Management (APM / Wily / Introscope) INTROSCOPE DX Application Performance Management CA Application Experience Analytics SaaS (AXA)


A security vulnerability is reported on the cookies of AXA browser agent

(a) Mark all cookies used within the application as secure

(b) Mark the cookie as HTTPOnly.


AXA 17.3.2
Browser Agent



These cookies only store data related to AXA. Nothing related to the actual application data is stored in these cookies.
This is false positive and shouldn't be of concern.