exploitDog

CVE-2023-23950

Опубликовано: 26 янв. 2023

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

User’s supplied input (usually a CRLF sequence) can be used to split a returning response into two responses.

Ссылки

https://support.broadcom.com/external/content/SecurityAdvisories/0/21174
Vendor Advisory
https://support.broadcom.com/external/content/SecurityAdvisories/0/21174
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:broadcom:symantec_identity_governance_and_administration:14.3:*:*:*:*:*:*:*

cpe:2.3:a:broadcom:symantec_identity_governance_and_administration:14.4.1:*:*:*:*:*:*:*

cpe:2.3:a:broadcom:symantec_identity_governance_and_administration:14.4.2:*:*:*:*:*:*:*

cpe:2.3:a:broadcom:symantec_identity_manager:14.3:*:*:*:*:*:*:*

cpe:2.3:a:broadcom:symantec_identity_manager:14.4:*:*:*:*:*:*:*

EPSS

Процентиль: 67%

0.00542

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-gq33-qvc5-v66x

CVSS3: 6.1

github

больше 2 лет назад

User’s supplied input (usually a CRLF sequence) can be used to split a returning response into two responses.

EPSS

Процентиль: 67%

0.00542

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79