Back to search
CVE-2022-1655
Published: Jul 22, 2022
Modified: Aug 3, 2024
PUBLISHED
Description
An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack. Horizon session cookies are created without the HttpOnly flag despite HorizonSecureCookies being set to true in the environmental files, possibly leading to a loss of confidentiality and integrity.
| Vendor | Product | Versions |
|---|---|---|
n/a | OpenStack | affected OpenStack 16.2 |
Weaknesses (CWE)
References
https://access.redhat.com/security/cve/cve-2022-1655
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now