cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

how to get rid of dtcookie vulnerability in 6.5 version

manish_bachu
Participant

how to get rid of dtcookie vulnerability in 6.5 version


3 REPLIES 3

Babar_Qayyum
Leader

Hello @manish kumar b.

What type of vulnerability you are referring?

dtCookie is uses to identify user sessions. This cookie is valid as long as the browser process is running.

Regards,

Babar


manish_bachu
Participant

Hi @Babar Q.

Please find below.

SSL Cookie without Secure Flag Set

Cookie without HttpOnly Flag Set

Cookie incorrectly scoped

Best Regards,

manish


Hello @manish kumar b.

From the system profile > user experience select Add the Secure attribute to the AppMon session cookie. Useful for web sites that employ the HTTPS protocol for secure communications, this setting marks the AppMon session cookie dtCookie with the W3C-standard Secure attribute. This attribute instructs the web browser to only send the cookie over a secure connection.

https://www.dynatrace.com/support/doc/appmon/administration/system-profile/edit-a-system-profile/system-profile-user-experience/web-app-settings/

Regards,

Babar