Lucene search
MitreCVE-2010-0155HistorySep 14, 2010 - 5:00 p.m.
CVE-2010-0155
2010-09-1417:00:01
CWE-94
mitre
web.nvd.nist.gov
24
cve-2010-0155
crlf injection
load.php
local management interface
lmi
ibm proventia
network mail security system
pnmss
firmware
javaversion
http headers
http response splitting
vulnerability
nvd
security
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
AI Score
6.6
Confidence
Low
EPSS
0.001
Percentile
36.0%
CRLF injection vulnerability in load.php in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5 allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the javaVersion parameter.
Affected configurations
Node
ibmproventia_network_mail_security_system_virtual_appliance
ibmproventia_network_mail_security_system_virtual_appliance_firmwareMatch1.6
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | proventia_network_mail_security_system_virtual_appliance | * | cpe:2.3:a:ibm:proventia_network_mail_security_system_virtual_appliance:*:*:*:*:*:*:*:* |
| ibm | proventia_network_mail_security_system_virtual_appliance_firmware | 1.6 | cpe:2.3:a:ibm:proventia_network_mail_security_system_virtual_appliance_firmware:1.6:*:*:*:*:*:*:* |
Related
prion
prion
Crlf injection
2010-09-14 17:00:00
cvelist
cvelist
CVE-2010-0155
2010-09-14 16:39:00
nvd
nvd
CVE-2010-0155
2010-09-14 17:00:01
securityvulns
securityvulns
packetstorm
packetstorm
Proventia Network Mail Security System CRLF Injection
2010-09-14 00:00:00
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
AI Score
6.6
Confidence
Low
EPSS
0.001
Percentile
36.0%
Related for CVE-2010-0155