5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.047 Low
EPSS
Percentile
92.5%
According to a whitepaper published by Sanctum, Inc., it
is possible to mount cache poisoning attacks against, among others,
squid proxies by inserting false replies into the HTTP stream.
The squid patches page notes:
This patch additionally strengthens Squid from the HTTP response
attack described by Sanctum.