exploitDog

CVE-2021-37499

Опубликовано: 20 янв. 2023

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

CRLF vulnerability in Reprise License Manager (RLM) web interface through 14.2BL4 in the password parameter in View License Result function, that allows remote attackers to inject arbitrary HTTP headers.

Ссылки

http://reprise.com
Not Applicable
http://reprisesoftware.com
Product
https://github.com/blakduk/Advisories/blob/main/Reprise%20License%20Manager/README.md
Third Party Advisory
http://reprise.com
Not Applicable
http://reprisesoftware.com
Product
https://github.com/blakduk/Advisories/blob/main/Reprise%20License%20Manager/README.md
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:reprisesoftware:reprise_license_manager:*:*:*:*:*:*:*:*

Версия до 17.0 (исключая)

EPSS

Процентиль: 40%

0.0018

Низкий

6.5 Medium

CVSS3

Дефекты

NVD-CWE-Other

CWE-74

Связанные уязвимости

GHSA-rw59-3324-mjf5

CVSS3: 6.5

github

около 3 лет назад

CRLF vulnerability in Reprise License Manager (RLM) web interface through 14.2BL4 in the password parameter in View License Result function, that allows remote attackers to inject arbitrary HTTP headers.

EPSS

Процентиль: 40%

0.0018

Низкий

6.5 Medium

CVSS3

Дефекты

NVD-CWE-Other

CWE-74