CVE-2017-5868 in Access Serverजानकारी

सारांश

द्वारा MITRE

CRLF injection vulnerability in the web interface in OpenVPN Access Server 2.1.4 allows remote attackers to inject arbitrary HTTP headers and consequently conduct session fixation attacks and possibly HTTP response splitting attacks via "%0A" characters in the PATH_INFO to __session_start__/.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

आरक्षित करना

02/02/2017

प्रकटीकरण

25/05/2017

प्रविष्टि

VDB-101741

EPSS

0.04622

गतिविधियाँ

बहुत कम

क्षेत्र

Agriculture, Energy, ...

स्रोत

Interested in the pricing of exploits?

See the underground prices here!