CVE-2016-10002 in Squidالمعلومات

الملخص

بحسب MITRE

Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to probe a cache for this information.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

حجز

17/12/2016

إفشاء

27/01/2017

الاعتدال

تمت الموافقة

إدخال

ربط

عرض

CPE

جاهز

CWE

CWE-200 (مؤكد)

CVSS

7.5 (NVD)

EPSS

0.14676

KEV

لا

النشاطات

منخفض جدًا

القطاع

Transportation, Hostingprovider, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-10002
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-10002
CVE Details	https://www.cvedetails.com/cve/CVE-2016-10002/

التالي ▸نظرة عامة ◂ السابق

Might our Artificial Intelligence support you?

Check our Alexa App!