4.3
CVE-2012-5057
- EPSS 0.24%
- Veröffentlicht 04.06.2014 14:55:03
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginCRLF injection vulnerability in ownCloud Server before 4.0.8 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the url path parameter.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Owncloud ≫ Owncloud Server Version4.0.0
Owncloud ≫ Owncloud Server Version4.0.1
Owncloud ≫ Owncloud Server Version4.0.2
Owncloud ≫ Owncloud Server Version4.0.3
Owncloud ≫ Owncloud Server Version4.0.4
Owncloud ≫ Owncloud Server Version4.0.5
Owncloud ≫ Owncloud Server Version4.0.6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.447 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:N
|