A vulnerability scanning tool was run against the Foglight Management Server (FMS) and found the following for URL https://FMS_Hostname/login/common/index.jsp?logout&.
Missing Secure Flag From SSL Cookie Cookie is not marked as secure: 'SMLOGOUT=true; path=/; domain=[IP_Address]'
Missing HttpOnly Flag From Cookie Cookie is not marked as HttpOnly: 'nowinsso=true; path=/; domain=[IP_Address]'
解决办法
WORKAROUND
None. The cookie is related to the SiteMinder integration which is no longer used and planned for removal in an upcoming version.
STATUS
This issue has been logged as defect FOG-2040 and is waiting for fix in a future release of the Foglight Management Server.