PT-2022-4457 · Unknown · Workstation

Published: 2022-08-23
Updated: 2022-08-29
CVE-2022-37953

CVSS v2.0: 6.4 (Medium)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions

WorkstationST versions prior to 07.09.15

Description

The issue is related to an HTTP response splitting vulnerability in the AM Gateway Challenge-Response dialog of WorkstationST. This vulnerability could allow a remote attacker to compromise a victim's browser or session, potentially affecting the confidentiality and integrity of protected information. The vulnerability is associated with the failure to handle CRLF sequences in HTTP headers. WorkstationST is typically deployed in controlled environments, which increases the complexity of an attack.

Recommendations

For WorkstationST versions prior to 07.09.15, update to version 07.09.15 or later to resolve the issue. As a temporary workaround, consider restricting access to the AM Gateway Challenge-Response dialog until a patch is applied. Additionally, ensure that the software is deployed and configured according to the recommended security guidelines to minimize the risk of exploitation.

Related Identifiers

BDU:2022-05322
CVE-2022-37953

Affected Products

Workstation