Messaging Gateway

 View Only

  • 1.  SMG vulneravility "Missing HttpOnly Flag From Cookie (http-cookie-http-only-flag)"

    Posted Nov 24, 2022 11:37 PM
    Hello team

    They recently ran a vulnerability analysis on the symantec messaging gataway, and detected one with the name "Missing HttpOnly Flag From Cookie (http-cookie-http-only-flag) we have not found documentation about it, does anyone know if the version of SMG 10.7. 5-4 is affected by this vulnerability or how it can be mitigated

    thanks


  • 2.  RE: SMG vulneravility "Missing HttpOnly Flag From Cookie (http-cookie-http-only-flag)"
    Best Answer

    Posted Nov 25, 2022 01:13 AM
    Update to 10.8. Boom.


    Original Message


  • 3.  RE: SMG vulneravility "Missing HttpOnly Flag From Cookie (http-cookie-http-only-flag)"

    Posted Nov 29, 2022 04:46 PM
    Thanks Alexander,
    Original Message


  • 4.  RE: SMG vulneravility "Missing HttpOnly Flag From Cookie (http-cookie-http-only-flag)"

    Posted Nov 29, 2022 08:35 PM
    Watch out. All the main ideas for 10.8 were mine. I hope you like them.


    Original Message