Lucene search
HistoryApr 01, 2014 - 6:35 a.m.
CVE-2013-1869
cve
2013
1869
crlf injection
spacewalk-java
red hat network
rhn satellite
http headers
http response splitting
xss attacks
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
6 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
70.6%
CRLF injection vulnerability in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 5.6 allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks and cross-site scripting (XSS) attacks, via the return_url parameter.
Affected configurations
Node
redhatsatelliteMatch5.6
ORredhatspacewalk-javaRange≤2.1.147-1
| CPE | Name | Operator | Version |
|---|---|---|---|
| redhat:satellite | redhat satellite | eq | 5.6 |
| redhat:spacewalk-java | redhat spacewalk-java | le | 2.1.147-1 |
Related
prion
prion
Crlf injection
2014-04-01 06:35:00
Design/Logic Flaw
2013-10-13 10:20:00
cvelist
cvelist
CVE-2013-1869
2014-04-01 01:00:00
nvd
nvd
CVE-2013-1869
2014-04-01 06:35:52
CVE-2013-1870
2013-10-13 10:20:02
cve
cve
CVE-2013-1870
2022-10-03 16:14:48
redhat
redhat
veracode
veracode
Cross-Site Scripting (XSS)
2019-05-02 05:01:14
CRLF Injection
2019-05-02 05:01:13
Remote Code Execution
2019-05-02 05:01:13
nessus
nessus
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
6 Medium
AI Score
Confidence
High
0.003 Low
EPSS
Percentile
70.6%
Related for CVE-2013-1869