CVE-2017-5868 in Access Server情報

要約

〜によって MITRE

CRLF injection vulnerability in the web interface in OpenVPN Access Server 2.1.4 allows remote attackers to inject arbitrary HTTP headers and consequently conduct session fixation attacks and possibly HTTP response splitting attacks via "%0A" characters in the PATH_INFO to __session_start__/.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

予約する

2017年02月02日

モデレーション

承諾済み

エントリ

VDB-101741

EPSS

0.04622

アクティビティ

非常低い

ソース

Want to know what is going to be exploited?

We predict KEV entries!