Описание
CRLF injection vulnerability in load.php in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5 allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the javaVersion parameter.
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:ibm:proventia_network_mail_security_system_virtual_appliance:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:proventia_network_mail_security_system_virtual_appliance_firmware:1.6:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00155
Низкий
3.5 Low
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
почти 4 года назад
CRLF injection vulnerability in load.php in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5 allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the javaVersion parameter.
EPSS
Процентиль: 36%
0.00155
Низкий
3.5 Low
CVSS2
Дефекты
CWE-94