CA APM 10.7 SP3 - Session Cookie Does Not Contain the Secure Attribute - Qualys detection
search cancel

CA APM 10.7 SP3 - Session Cookie Does Not Contain the Secure Attribute - Qualys detection

book

Article ID: 272845

calendar_today

Updated On:

Products

CA Application Performance Management (APM / Wily / Introscope)

Issue/Introduction

The Qualys vulnerability detection tool has made a detection on ports 8080, 8081 of the CA APM 10.7 SP3 enterprise managers:

- Session Cookie Does Not Contain the Secure Attribute

On the support website we found that this vulnerability cannot affect port 8081 but it does not indicate if it is affected on port 8080 (webView):

Addressing Qualys scan findings QID 11827 and QID 13162

Could you tell us if this vulnerability affects port 8080 and if there is a way to fix it?

Environment

Release : 10.7.0

Resolution

APM Development team is working on a HOTFIX for this issue. The new HOTFIX will be included in APM 10.8 release.

Powered by Wolken Software