PT-2017-7173 · Facebook · Facebook Proxygen
Published
2017-04-10
·
Updated
2018-08-13
·
CVE-2015-7263
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Facebook Proxygen versions prior to 2015-11-09
Description
The issue allows remote attackers to conduct hijacking attacks and bypass ACL checks via a crafted host value in the SPDY/2 codec.
Recommendations
For Facebook Proxygen versions prior to 2015-11-09, update to a version released after 2015-11-09 to resolve the issue.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Facebook Proxygen