CVE-2014-0634 Information

Description

EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 does not include the HTTPOnly flag in a Set-Cookie header for an unspecified cookie which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

Reference

http://archives.neohapsis.com/archives/bugtraq/2014-03/0157.html