PT-2017-7175 · Facebook · Proxygen
Published
2017-04-10
·
Updated
2018-08-13
·
CVE-2015-7265
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Facebook Proxygen versions prior to 2015-11-09
Description
The issue is related to the mismanagement of HTTPMessage.request state, allowing remote attackers to conduct hijacking attacks and bypass ACL checks.
Recommendations
For Facebook Proxygen versions prior to 2015-11-09, update to a version released after 2015-11-09 to resolve the issue.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Proxygen