Possible Social Security Number in Cookie

info Nessus Network Monitor Plugin ID 4663

Synopsis

The remote web client sent a cookie with what appears to be an embedded Social Security Number.

Description

The remote web client sent a cookie with what appears to be an embedded Social Security Number. You should manually verify that confidential data is not being leaked from the network.

Solution

Ensure that confidential data is not passed within plaintext cookies. Note: NNM only reports on the first occurence of this item on a web server. Parse your entire web source for similar occurrences.

Plugin Details

Severity: Info

ID: 4663

Family: Data Leakage

Published: 9/15/2008

Updated: 1/16/2019