CVE-2024-44575

LOW

RELY-PCIe <23.1.0 - Info Disclosure

Title source: llm

Description

RELY-PCIe v22.2.1 to v23.1.0 does not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in cleartext over an HTTP session.

References (2)

Core 2

Core References

Broken Link

http://system-on-chip.com

Broken Link

https://www.relyum.com/web/support/vulnerability-report/

Scores

CVSS v3 3.7

EPSS 0.0027

EPSS Percentile 17.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-732

Status published

Products (1)

relyum/rely-pcie_firmware 22.2.1 - 23.1.0

Published Sep 11, 2024

Tracked Since Feb 18, 2026