Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
238
Views
0
Helpful
2
Replies

ACS 5.3.40 cookies not marked as secure

stuart hutchinson
Level 1
Level 1

‎05-07-2014 09:22 AM - edited ‎03-10-2019 09:41 PM

Hi,

We are looking to increase security regarding ACS 5.3.40. We've found that some ACS 5.3 generated cookies were not marked as secure. Can you advise how we can make all ACS cookies secure? We are of course using HTTPS.

 

Thanks,

Stuart.

 

Labels:
0 Helpful
2 Replies 2

mohanak
Cisco Employee
Cisco Employee

‎06-06-2014 02:50 AM

This may be the problem if you are using the previous versions of ACS 5.3.40.7

 

 

CSCub40480

 

Cookie vulnerabilities were found in ACS 5.3.

 

0 Helpful

stuart hutchinson
Level 1
Level 1
In response to mohanak

‎06-06-2014 07:40 AM

Thanks mohanak, we are planning on upgrading to v5.5 anyway. Hopefully this will resolve the issue.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents