admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2016/CVE-2016-31xx/CVE-2016-3118.json
cad-safe-bot b1052e34e8 Auto-Update: 2024-11-23T05:08:38.192165+00:00
2024-11-23 05:11:48 +00:00

136 lines
4.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2016-3118",
"sourceIdentifier": "cve@mitre.org",
"published": "2016-04-06T01:59:28.840",
"lastModified": "2024-11-21T02:49:24.970",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in CA API Gateway (formerly Layer7 API Gateway) 7.1 before 7.1.04, 8.0 through 8.3 before 8.3.01, and 8.4 before 8.4.01 allows remote attackers to have an unspecified impact via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n CRLF en CA API Gateway (anteriormente Layer7 API Gateway) 7.1 en versiones anteriores a 7.1.04, 8.0 hasta la versi\u00f3n 8.3 en versiones anteriores a 8.3.01 y 8.4 en versiones anteriores a 8.4.01 permite a atacantes remotos causar un impacto no especificado a trav\u00e9s de vectores desconocidos."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"baseScore": 6.4,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:broadcom:api_gateway:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D1A83AF-E209-4242-82A9-334D7A5859AC"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:broadcom:api_gateway:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "85A4F8B6-6299-4E98-B643-4BFBAC81C2C1"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:broadcom:api_gateway:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "05AA0421-CB13-403C-BF9F-F423F47761C4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:broadcom:api_gateway:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "371FD974-2C83-4639-B517-4C1F47AD5F57"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:broadcom:api_gateway:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "82E2C040-0EDF-48DE-997D-1E069AA82002"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:broadcom:api_gateway:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2559E997-8C81-4CF8-A0A1-36D40E775BD8"
}
]
}
]
}
],
"references": [
{
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20160405-01-security-notice-for-ca-api-gateway.aspx",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20160405-01-security-notice-for-ca-api-gateway.aspx",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
],
"evaluatorComment": "<a href=\"https://cwe.mitre.org/data/definitions/93.html\">CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection')</a>"
}
Reference in New Issue View Git Blame Copy Permalink