Sensitive cookie in HTTPS session without 'Secure' attribute
Description
The `Secure` attribute tells the browser to send the cookie only over an encrypted (HTTPS) connection, so its value is never transmitted over clear-text HTTP where an attacker on the network path could read it. A cookie that carries a session identifier or other credential and lacks this attribute is exposed whenever the site, or any resource on it, is requested over plain HTTP. Session cookies should be configured with all three security directives: `Secure`, `HttpOnly`, and `SameSite`.
Examples
Insecure Code
```java
import javax.servlet.http.Cookie;

// Vulnerable: no Secure attribute, so the browser also sends this cookie over plain HTTP
Cookie someCookie = new Cookie("SomeCookieName", "SomeValue");
response.addCookie(someCookie);
```
Secure Code
```java
import javax.servlet.http.Cookie;

Cookie someCookie = new Cookie("SomeCookieName", "SomeValue");
someCookie.setSecure(true); // browser will only attach this cookie to HTTPS requests
response.addCookie(someCookie);
```
Remediation
Call `setSecure(true)` on the cookie before adding it to the response, e.g., `someCookie.setSecure(true);`. Note that a browser will never send a `Secure` cookie over plain HTTP, so the application must be served over HTTPS for the session to work; combine the flag with `setHttpOnly(true)` and a `SameSite` directive for session cookies.
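The description and remediation above name three directives but show only one. The following is an added example, not code from the rule or from any project it describes: a hypothetical helper that builds a fully hardened `Set-Cookie` header value (the `Servlet 4.0` `Cookie` class has `setSecure` and `setHttpOnly` but no `SameSite` setter, so the header is written directly), and a hypothetical `missingDirectives` check that audits any `Set-Cookie` header value for the three directives. The class, method names and sample headers are assumptions for illustration, not part of the original page.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;

public class SessionCookieCheck {

    /**
     * Hypothetical helper: builds a Set-Cookie header value for a session cookie
     * carrying Secure, HttpOnly and SameSite=Strict. Use it with
     * response.addHeader("Set-Cookie", hardenedSessionCookie(...)).
     */
    static String hardenedSessionCookie(String name, String value, int maxAgeSeconds) {
        // Reject characters that could break out of the header (CR/LF, ';', spaces),
        // otherwise a crafted value could smuggle in extra attributes or headers.
        if (!value.matches("[A-Za-z0-9._~+/=-]+")) {
            throw new IllegalArgumentException("session cookie value must be URL/base64-safe");
        }
        return name + "=" + value
             + "; Path=/"
             + "; Max-Age=" + maxAgeSeconds
             + "; Secure"            // only sent over HTTPS (the CWE-614 fix)
             + "; HttpOnly"          // not readable via document.cookie
             + "; SameSite=Strict";  // not attached to cross-site requests
    }

    /**
     * Hypothetical audit check: returns the security directives missing from a
     * Set-Cookie header value. An empty list means the cookie passes.
     */
    static List<String> missingDirectives(String setCookieHeader) {
        boolean secure = false, httpOnly = false, sameSite = false;
        String[] parts = setCookieHeader.split(";");
        for (int i = 1; i < parts.length; i++) {          // parts[0] is name=value
            String attr = parts[i].trim().toLowerCase(Locale.ROOT);
            if (attr.equals("secure")) {
                secure = true;
            } else if (attr.equals("httponly")) {
                httpOnly = true;
            } else if (attr.startsWith("samesite=")) {
                // SameSite=None offers no cross-site protection, so treat it as absent
                sameSite = !attr.equals("samesite=none");
            }
        }
        List<String> missing = new ArrayList<>();
        if (!secure)   missing.add("Secure");
        if (!httpOnly) missing.add("HttpOnly");
        if (!sameSite) missing.add("SameSite=Lax|Strict");
        return missing;
    }

    public static void main(String[] args) {
        // Constructed sample headers for illustration, not captured from a real application
        String[] samples = {
            "JSESSIONID=abc123; Path=/",
            "JSESSIONID=abc123; Path=/; Secure; HttpOnly",
            "JSESSIONID=abc123; Path=/; Secure; HttpOnly; SameSite=None",
            hardenedSessionCookie("JSESSIONID", "abc123", 1800),
        };
        for (String header : samples) {
            List<String> missing = missingDirectives(header);
            System.out.println((missing.isEmpty() ? "PASS " : "FAIL " + missing + " ") + header);
        }
    }
}
```

In a servlet the hardened value is emitted with `response.addHeader("Set-Cookie", ...)` rather than `response.addCookie(...)`, since the latter cannot express `SameSite` on Servlet 4.0 and earlier; `missingDirectives` can be run over captured response headers from a proxy or test client to confirm the rule's finding is actually fixed in production, not just in source.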
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0681 |
| Category | Web |
| Severity | LOW |
| CWE | CWE-614 |
| Confidence | HIGH |
| Impact | LOW |
| Likelihood | MEDIUM |
| Exploitability | EASY |
| Tags | cookie, https, secure |
| OWASP | A6:2017-Security Misconfiguration, A05:2021-Security Misconfiguration |