CVE-2024-44575

RELY-PCIe v22.2.1 to v23.1.0 does not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in cleartext over an HTTP session.

CVSS v3 3.7 LOW

3.7^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
http://system-on-chip.com	Broken Link
https://www.relyum.com/web/support/vulnerability-report/	Broken Link

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:relyum:rely-pcie_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:relyum:rely-pcie:-:*:*:*:*:*:*:*

History

28 Apr 2025, 15:14

Type	Values Removed	Values Added
CPE		cpe:2.3:o:relyum:rely-pcie_firmware:::::::: cpe:2.3:h:relyum:rely-pcie:-:::::::*
References	~~() http://system-on-chip.com -~~	() http://system-on-chip.com - Broken Link
References	~~() https://www.relyum.com/web/support/vulnerability-report/ -~~	() https://www.relyum.com/web/support/vulnerability-report/ - Broken Link
First Time		Relyum rely-pcie Firmware Relyum Relyum rely-pcie

25 Nov 2024, 18:15

Type	Values Removed	Values Added
CWE		CWE-732
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 3.7

12 Sep 2024, 12:35

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-09-11 17:15

Updated : 2025-04-28 15:14

NVD link : CVE-2024-44575

Mitre link : CVE-2024-44575

CVE.ORG link : CVE-2024-44575

JSON object : View

Products Affected

relyum

rely-pcie_firmware
rely-pcie

CWE

CWE-732

Incorrect Permission Assignment for Critical Resource

3.7 /10