CVE-2016-8024

Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and…

intel·CWE-113·Published 2017-03-14

CVSS

—

EPSS

0.09

KEV

Exploits

cve.orgen

253 chars

Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing.

NVDen

253 chars

NVDes

300 chars

Vulnerabilidad de neutralización inapropiada de secuencias CRLF en cabeceras HTTP en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y versiones anteriores) permite a atacantes remotos no autenticados obtener información sensible a través de la suplantación de la respuesta HTTP del servidor.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P
3.0	Primary	NVD	8.1	2.2	5.9	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H