CVE-2016-0902

EPSS 0.7%
Published 07.05.2016 10:59:03
Last modified 12.04.2025 10:46:40
Source security_alert@emc.com
Teams watchlist Login
Open Login

CRLF injection vulnerability in EMC RSA Authentication Manager before 8.1 SP1 P14 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Affected products Warnungen 0 Metrics 3 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Emc ≫ Rsa Authentication Manager Updatesp1 Version <= 8.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.7%	0.697

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.3	3.9	1.4	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N

http://packetstormsecurity.com/files/136994/RSA-Authentication-Manager-XSS-HTTP-Response-Splitting.html

http://seclists.org/bugtraq/2016/May/23

http://www.securitytracker.com/id/1035755

https://nvd.nist.gov/vuln/detail/CVE-2016-0902

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-0902

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-0902

EUVD