Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2016-4553
HistoryMay 10, 2016 - 7:59 p.m.

CVE-2016-4553

2016-05-1019:59:00
CWE-345
[email protected]
web.nvd.nist.gov
54
4
squid
cve-2016-4553
cache poisoning
http request
security vulnerability

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

8.1 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.529 Medium

EPSS

Percentile

97.6%

JSON

client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host header when absolute-URI is provided, which allows remote attackers to conduct cache-poisoning attacks via an HTTP request.

Social References

More

Related

checkpoint_advisories 1
prion 1
openvas 15
debiancve 1
ubuntucve 1
nessus 20
redhatcve 1
mageia 1
freebsd 1
altlinux 1
oraclelinux 3
redhat 2
ubuntu 1
centos 2
fedora 2
gentoo 1
suse 2
checkpoint_advisories
checkpoint_advisories
Squid Squoison Host Header Cache Poisoning (CVE-2016-4553)
2016-06-15 00:00:00
prion
prion
Cross site request forgery (csrf)
2016-05-10 19:59:00
openvas
openvas
Squid Poisoning Vulnerability (SQUID-2016:7) - Windows
2016-05-19 00:00:00
Squid Poisoning Vulnerability (SQUID-2016:7) - Linux
2016-05-19 00:00:00
Mageia: Security Advisory (MGASA-2016-0171)
2022-01-28 00:00:00
debiancve
debiancve
CVE-2016-4553
2016-05-10 19:59:00
ubuntucve
ubuntucve
CVE-2016-4553
2016-05-10 00:00:00
nessus
nessus
Squid 3.2.0.11 < 3.x < 3.5.18 / 4.x < 4.0.10 Cache Poisoning Vulnerability (SQUID-2016:7)
2018-12-17 00:00:00
FreeBSD : squid -- multiple vulnerabilities (25e5205b-1447-11e6-9ead-6805ca0b3d42)
2016-05-09 00:00:00
Debian DSA-3625-1 : squid3 - security update
2016-07-25 00:00:00
redhatcve
redhatcve
CVE-2016-4553
2016-05-09 09:18:41
mageia
mageia
Updated squid packages fix security vulnerability
2016-05-11 22:27:24
freebsd
freebsd
squid -- multiple vulnerabilities
2016-05-06 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package squid version 3.5.19-alt1
2016-05-10 00:00:00
oraclelinux
oraclelinux
squid security update
2016-05-31 00:00:00
squid34 security update
2016-05-31 00:00:00
squid security, bug fix, and enhancement update
2016-11-09 00:00:00
redhat
redhat
(RHSA-2016:1140) Moderate: squid34 security update
2016-05-31 04:53:36
(RHSA-2016:1139) Moderate: squid security update
2016-05-31 04:53:29
ubuntu
ubuntu
Squid vulnerabilities
2016-06-09 00:00:00
centos
centos
squid34 security update
2016-05-31 10:58:08
squid security update
2016-05-31 11:59:06
fedora
fedora
[SECURITY] Fedora 24 Update: squid-3.5.19-2.fc24
2016-07-12 20:35:35
[SECURITY] Fedora 23 Update: squid-3.5.10-4.fc23
2016-07-13 00:00:11
gentoo
gentoo
Squid: Multiple vulnerabilities
2016-07-09 00:00:00
suse
suse
Security update for squid3 (important)
2016-08-09 17:12:26
Security update for squid3 (important)
2016-08-16 18:08:55

8.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

8.1 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.529 Medium

EPSS

Percentile

97.6%

JSON
Related for CVE-2016-4553
checkpoint_advisories1prion1openvas15debiancve1ubuntucve1nessus20redhatcve1mageia1freebsd1altlinux1oraclelinux3redhat2ubuntu1centos2fedora2gentoo1suse2