PT-2016-1642 · Ca · Ca Api Gateway

Publicado

2016-04-06

Atualizado

2021-04-07

CVE-2016-3118

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions CA API Gateway versions 7.1 through 7.1.04 CA API Gateway versions 8.0 through 8.3 before 8.3.01 CA API Gateway versions 8.4 before 8.4.01

Description The issue exists due to the lack of measures to neutralize CRLF sequences, which can be exploited by a remote attacker to impact the integrity and confidentiality of information. The vulnerability allows remote attackers to have an unspecified impact via unknown vectors.

Recommendations For CA API Gateway versions 7.1 through 7.1.04, update to version 7.1.04 or later. For CA API Gateway versions 8.0 through 8.3 before 8.3.01, update to version 8.3.01 or later. For CA API Gateway versions 8.4 before 8.4.01, update to version 8.4.01 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-93

Identificadores relacionados

BDU:2016-00954

CVE-2016-3118

Produtos afetados

Ca Api Gateway

PT-2016-1642 · Ca · Ca Api Gateway

CVE-2016-3118

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4