PT-2016-1642 · Ca · Ca Api Gateway

Published

2016-04-06

Updated

2021-04-07

CVE-2016-3118

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions CA API Gateway versions 7.1 through 7.1.04 CA API Gateway versions 8.0 through 8.3 before 8.3.01 CA API Gateway versions 8.4 before 8.4.01

Description The issue exists due to the lack of measures to neutralize CRLF sequences, which can be exploited by a remote attacker to impact the integrity and confidentiality of information. The vulnerability allows remote attackers to have an unspecified impact via unknown vectors.

Recommendations For CA API Gateway versions 7.1 through 7.1.04, update to version 7.1.04 or later. For CA API Gateway versions 8.0 through 8.3 before 8.3.01, update to version 8.3.01 or later. For CA API Gateway versions 8.4 before 8.4.01, update to version 8.4.01 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-93

Related Identifiers

BDU:2016-00954

CVE-2016-3118

Affected Products

Ca Api Gateway

PT-2016-1642 · Ca · Ca Api Gateway

CVE-2016-3118

Weakness Enumeration

Related Identifiers

Affected Products

References · 4