exploitDog

GHSA-3mjc-9976-q699

Опубликовано: 02 мая 2022

Источник: github

Github: Не прошло ревью

Описание

CRLF injection vulnerability in load.php in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5 allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the javaVersion parameter.

CRLF injection vulnerability in load.php in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5 allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the javaVersion parameter.

Ссылки

EPSS

Процентиль: 36%

0.00155

Низкий

CVE ID

Дефекты

CWE-94

Связанные уязвимости

CVE-2010-0155

nvd

больше 15 лет назад

CRLF injection vulnerability in load.php in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5 allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the javaVersion parameter.

EPSS

Процентиль: 36%

0.00155

Низкий

CVE ID

Дефекты

CWE-94