exploitDog

GHSA-rqqr-gj2j-gj69

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

CRLF injection vulnerability in /+CSCOE+/logon.html on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 through 8.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors, aka Bug ID CSCth63101.

CRLF injection vulnerability in /+CSCOE+/logon.html on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 through 8.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors, aka Bug ID CSCth63101.

Ссылки

EPSS

Процентиль: 51%

0.00276

Низкий

CVE ID

Дефекты

CWE-20

CWE-94

Связанные уязвимости

CVE-2011-3285

nvd

почти 14 лет назад

CRLF injection vulnerability in /+CSCOE+/logon.html on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 through 8.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors, aka Bug ID CSCth63101.

EPSS

Процентиль: 51%

0.00276

Низкий

CVE ID

Дефекты

CWE-20

CWE-94