How to make session cookies secure and httponly in Splunk 6.2.1?

Path Finder

We have splunk 6.2.1 running in our environment. As part of security review procedures, any dashboards we create need to be run through an automated security review product like hailstorm. One of the attributes it is checking for is that session cookies are secured & httponly. I do see that etc/system/default/web.conf has tools.sessions.httponly and set to True. I assume this should have secured all session cookies, but the review tool is pointing out session cookies are not secured. Excerpt of the review report generated below

1 Vulnerable (Medium 😞 https://Hostname:port number/en-US/config?autoload=1
Message: session_id_XXXX Cookie has problem(s)
session_id_XXXX = dab6da5b7167dba10f6e88a8g725e319be90ed8c;
Host = Hostname;
Path = /
1. Cookie does not have secure attribute.

Cookie Vulnerabilities

Is there any other setting which needs to be enabled to make session cookies secure & httponly?

Tags (3)
0 Karma
1 Solution

Splunk Employee
Splunk Employee

Splunk Employee
Splunk Employee

This is fixed in 6.2.3

Get Updates on the Splunk Community!

Splunk Life | Happy Pride Month!

Happy Pride Month, Splunk Community! 🌈 In the United States, as well as many countries around the ...

SplunkTrust | Where Are They Now - Michael Uschmann

The Background Five years ago, Splunk published several videos showcasing members of the SplunkTrust to share ...

Admin Your Splunk Cloud, Your Way

Join us to maximize different techniques to best tune Splunk Cloud. In this Tech Enablement, you will get ...