CVE-2016-0736 in macOS정보

요약

\~에 의해 MITRE

In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or builtin authenticated encryption. This made it vulnerable to padding oracle attacks, particularly with CBC.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

예약하다

2015. 12. 16.

공개

2017. 07. 27.

모더레이션

수락

항목

연결하다

보여 주다

CPE

준비됨

CWE

CWE-310 (확인됨)

익스플로잇

다운로드

CVSS

7.5 (NVD)

EPSS

0.41680

KEV

아니요

활동

매우 낮음

부문

Lawfirm, Education, ...

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-0736
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-0736
CVE Details	https://www.cvedetails.com/cve/CVE-2016-0736/

◂ 이전 개요 다음 ▸

Interested in the pricing of exploits?

See the underground prices here!