4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.2 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
75.7%
Symfony 2.0.X before 2.0.24, 2.1.X before 2.1.12, 2.2.X before 2.2.5, and 2.3.X before 2.3.3 have an issue in the HttpFoundation component. The Host header can be manipulated by an attacker when the framework is generating an absolute URL. A remote attacker could exploit this vulnerability to inject malicious content into the Web application page and conduct various attacks.
lists.fedoraproject.org/pipermail/package-announce/2013-August/114450.html
lists.fedoraproject.org/pipermail/package-announce/2013-August/114461.html
symfony.com/blog/security-releases-symfony-2-0-24-2-1-12-2-2-5-and-2-3-3-released
www.securityfocus.com/bid/61715
bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4752
exchange.xforce.ibmcloud.com/vulnerabilities/86365
exchange.xforce.ibmcloud.com/vulnerabilities/86366
exchange.xforce.ibmcloud.com/vulnerabilities/86367
exchange.xforce.ibmcloud.com/vulnerabilities/86368
exchange.xforce.ibmcloud.com/vulnerabilities/86369
exchange.xforce.ibmcloud.com/vulnerabilities/86370
exchange.xforce.ibmcloud.com/vulnerabilities/86371
exchange.xforce.ibmcloud.com/vulnerabilities/86372
exchange.xforce.ibmcloud.com/vulnerabilities/86373
exchange.xforce.ibmcloud.com/vulnerabilities/86374
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.2 Medium
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
75.7%