Cookie without 'Secure' flag but protected by HSTS

By
Febna V M
Published on
19 Jun 2018
1 min read
HSTS

Cookies are used to manage state, handle logins or to track you for advertising purposes, and they should be kept safe. The steps involved in setting a cookie are:-

  1. The server asks your browser to set a cookie.
  2. It gives a name, a value and other parameters.
  3. The browser stores the data on disk or in memory, depending on the cookie type.

Each request to the website sends the cookies along with the request. The significant vulnerabilities with cookies are:-

  • Cookies are not protocol specific. That is, a cookie set on the HTTPS version of a website will also be sent to the HTTP version.

  • Cookies can be accessed by JavaScript in the browser. If an attacker manages to run their own JavaScript on the website, for example through XSS, the attacker can read the cookies.

This vulnerability can lead to a vast spectrum of cookie-related attacks. Cookies without the Secure flag can be sent over less secure routes (plain HTTP), which in turn leads to the loss of sensitive data.
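As an added illustration of the two weaknesses above (example code written for this page, not part of the original post or of Beagle Security's tooling): the first function reports which flags a Set-Cookie header lacks, and the second stores constructed cookies in Python's standard-library cookie jar and shows that, without the Secure flag, they are attached to a plain http:// request just as they are to an https:// one. The hostname example.test and all cookie names and values are constructed for the example.

```python
"""Audit Set-Cookie headers for Secure/HttpOnly and show what a client sends over http://."""
from email.message import Message
from http.cookiejar import CookieJar
from http.cookies import SimpleCookie
from urllib.request import Request

# Constructed sample Set-Cookie headers (not captured from a real site).
SAMPLE_SET_COOKIES = [
    "session=abc123; Path=/",               # no protective flags at all
    "csrf=tok456; Path=/; Secure",          # Secure only, still readable by JavaScript
    "pref=dark; Path=/; HttpOnly; Secure",  # both flags present
]

def missing_flags(set_cookie_value):
    """Map each cookie name in one Set-Cookie header to the flags it lacks."""
    parsed = SimpleCookie()
    parsed.load(set_cookie_value)
    report = {}
    for name, morsel in parsed.items():
        # Morsel stores an absent flag as "" and a present flag as True.
        lacking = [flag for flag, key in (("Secure", "secure"), ("HttpOnly", "httponly"))
                   if not morsel[key]]
        if lacking:
            report[name] = lacking
    return report

class _FakeResponse:
    """Just enough of urllib's response object for CookieJar: info() returning headers."""
    def __init__(self, set_cookie_values):
        self._headers = Message()
        for value in set_cookie_values:
            self._headers["Set-Cookie"] = value

    def info(self):
        return self._headers

def cookies_sent_to(set_cookie_values, url):
    """Store cookies set by an HTTPS response from the constructed host example.test,
    then return the Cookie header a client would attach to `url` (None if nothing)."""
    jar = CookieJar()
    # The cookies are set over HTTPS; the question is what leaks afterwards.
    jar.extract_cookies(_FakeResponse(set_cookie_values),
                        Request("https://example.test/login"))
    outgoing = Request(url)
    jar.add_cookie_header(outgoing)  # honours the Secure flag per request scheme
    return outgoing.get_header("Cookie")
```

Only the cookie lacking Secure travels over http://, which is exactly the exposure the Secure flag (and, for clients that already know the site, HSTS) is meant to remove.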

Impact

Using this vulnerability, an attacker can:-

  • leak information about the application’s users. This can cause a major data breach.
  • possibly manipulate the sensitive information sent between the server and the client.

Mitigation / Precaution

Beagle recommends the following fixes:-

Edit the web server's configuration file and add the following (the $1 back-reference is Apache mod_headers syntax, so the directive is assumed to be Header edit):-

        # Apache httpd with mod_headers: append both flags to every Set-Cookie response header
        Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure

Written by Febna V M, Cyber Security Engineer