Lucene search
MitreCVE-2007-1608HistoryMar 22, 2007 - 11:19 p.m.
CVE-2007-1608
2007-03-2223:19:00
mitre
web.nvd.nist.gov
25
cve
2007
1608
crlf injection
vulnerability
ibm
websphere
application server
http headers
response splitting
attacks
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
High
EPSS
0.023
Percentile
89.8%
CRLF injection vulnerability in IBM WebSphere Application Server (WAS) before 6.0.2.19 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a single CRLF sequence in a context that is not a valid multi-line header.
Affected configurations
Node
ibmwebsphere_application_serverRange≤6.0.2.15
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | websphere_application_server | * | cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:*:*:*:* |
Related
prion
prion
Crlf injection
2007-03-22 23:19:00
nessus
nessus
IBM WebSphere Application Server 6.0 < 6.0.2.19 HTTP Response Splitting
2010-04-05 00:00:00
nvd
nvd
CVE-2007-1608
2007-03-22 23:19:00
cvelist
cvelist
CVE-2007-1608
2007-03-22 23:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
High
EPSS
0.023
Percentile
89.8%
Related for CVE-2007-1608