CVE-2024-44575

LOW

RELY-PCIe <23.1.0 - Info Disclosure

Title source: llm

Description

RELY-PCIe v22.2.1 to v23.1.0 does not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in cleartext over an HTTP session.

References (2)

[Broken Link] http://system-on-chip.com

[Broken Link] https://www.relyum.com/web/support/vulnerability-report/

Scores

CVSS v3 3.7

EPSS 0.0014

EPSS Percentile 33.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-732

Status published

Products (1)

relyum/rely-pcie_firmware 22.2.1 - 23.1.0

Published Sep 11, 2024

Tracked Since Feb 18, 2026