topic &quot;Session cookie has no SameSite attribute: Session&quot; vulnerability found on Management server R80.40 in General Topics https://community.checkpoint.com/t5/General-Topics/quot-Session-cookie-has-no-SameSite-attribute-Session-quot/m-p/188754#M31640 <P>Recently, my client ran a VA scan on their R80.40 managment server and found out that is a vulnerability called "Session cookie has no SameSite attribute: Session". I tried to find from internet resources and CheckPoint SK, but no relevant resolution for this issue.</P> <P>Hence, appreciate if you all can share some suggestions on solving this matter.</P> <P>&nbsp;</P> <P>Thank you.</P> Mon, 07 Aug 2023 08:52:27 GMT LeeBingKang 2023-08-07T08:52:27Z "Session cookie has no SameSite attribute: Session" vulnerability found on Management server R80.40 https://community.checkpoint.com/t5/General-Topics/quot-Session-cookie-has-no-SameSite-attribute-Session-quot/m-p/188754#M31640 <P>Recently, my client ran a VA scan on their R80.40 managment server and found out that is a vulnerability called "Session cookie has no SameSite attribute: Session". I tried to find from internet resources and CheckPoint SK, but no relevant resolution for this issue.</P> <P>Hence, appreciate if you all can share some suggestions on solving this matter.</P> <P>&nbsp;</P> <P>Thank you.</P> Mon, 07 Aug 2023 08:52:27 GMT https://community.checkpoint.com/t5/General-Topics/quot-Session-cookie-has-no-SameSite-attribute-Session-quot/m-p/188754#M31640 LeeBingKang 2023-08-07T08:52:27Z Re: "Session cookie has no SameSite attribute: Session" vulnerability found on Management https://community.checkpoint.com/t5/General-Topics/quot-Session-cookie-has-no-SameSite-attribute-Session-quot/m-p/188781#M31645 <P>Is the machine running a recent jumbo?</P> <P>Regardless I would suggest engaging TAC with relevant details.&nbsp;</P> Mon, 07 Aug 2023 11:57:50 GMT https://community.checkpoint.com/t5/General-Topics/quot-Session-cookie-has-no-SameSite-attribute-Session-quot/m-p/188781#M31645 Chris_Atkinson 2023-08-07T11:57:50Z Re: "Session cookie has no SameSite attribute: Session" vulnerability found on Management https://community.checkpoint.com/t5/General-Topics/quot-Session-cookie-has-no-SameSite-attribute-Session-quot/m-p/188889#M31671 <P>Hi&nbsp;<a href="https://community.checkpoint.com/t5/user/viewprofilepage/user-id/3630">@Chris_Atkinson</a>&nbsp;, the machine is not with latest Jumbo Hotfix, but i will install the latest recommended hotfix as it resolved the Slowloris DoS vulnerability.</P> Tue, 08 Aug 2023 09:16:42 GMT https://community.checkpoint.com/t5/General-Topics/quot-Session-cookie-has-no-SameSite-attribute-Session-quot/m-p/188889#M31671 LeeBingKang 2023-08-08T09:16:42Z Re: "Session cookie has no SameSite attribute: Session" vulnerability found on Management https://community.checkpoint.com/t5/General-Topics/quot-Session-cookie-has-no-SameSite-attribute-Session-quot/m-p/188912#M31677 <P>T180 and higher will help with Slowloris</P> Tue, 08 Aug 2023 10:47:19 GMT https://community.checkpoint.com/t5/General-Topics/quot-Session-cookie-has-no-SameSite-attribute-Session-quot/m-p/188912#M31677 Chris_Atkinson 2023-08-08T10:47:19Z