Vulnerabilities > Softwareag > Connx > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-14 | CVE-2021-40649 | Incorrect Permission Assignment for Critical Resource vulnerability in Softwareag Connx 6.2.0.1269 In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have the HttpOnly flag set. | 6.5 |
| 2022-06-14 | CVE-2021-40650 | Missing Encryption of Sensitive Data vulnerability in Softwareag Connx 6.2.0.1269 In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have the secure flag set. | 6.5 |