Cookies are sent from the client side. Never trust data from the client side. What you are afraid of are often refered to as http session highjacking.
So basicly, yes it might be a problem. So if you think that session highjacking is a problem (you have confidential data),
you should make sure that your cookie is never sent out on a non secure channel.
In general - if you plan to use same cookie for a site, both for http and https part, then make sure it's not a problem. And as a rule of thumb - when you direct your users to a https section of your website - give them a new session.
KEB