Lucene search
MitreCVE-2008-6121HistoryFeb 11, 2009 - 5:30 p.m.
CVE-2008-6121
2009-02-1117:30:00
CWE-20
mitre
web.nvd.nist.gov
22
cve-2008-6121
crlf injection
vulnerability
socialengine
se 2.7
http headers
http response splitting
phpsessid cookie
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.005
Percentile
76.7%
CRLF injection vulnerability in SocialEngine (SE) 2.7 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the PHPSESSID cookie.
Affected configurations
Node
socialenginesocialengineRange≤2.7
| Vendor | Product | Version | CPE |
|---|---|---|---|
| socialengine | socialengine | * | cpe:2.3:a:socialengine:socialengine:*:*:*:*:*:*:*:* |
Related
prion
prion
Crlf injection
2009-02-11 17:30:00
cvelist
cvelist
CVE-2008-6121
2009-02-11 17:25:00
nvd
nvd
CVE-2008-6121
2009-02-11 17:30:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.005
Percentile
76.7%
Related for CVE-2008-6121