Lucene search
K

4 matches found

OSV
OSV
added 2023/11/03 11:15 a.m.6 views

CVE-2023-4768

A CRLF injection vulnerability has been found in ManageEngine Desktop Central affecting version 9.1.0. This vulnerability could allow a remote attacker to inject arbitrary HTTP headers and perform HTTP response splitting attacks via the fileName parameter in /STATEID/1613157927228/InvSWMetering.p...

6.1CVSS5.8AI score0.0287EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/11/03 10:42 a.m.24 views

CVE-2023-4768 Improper Neutralization of CRLF Sequences in ManageEngine Desktop Central

A CRLF injection vulnerability has been found in ManageEngine Desktop Central affecting version 9.1.0. This vulnerability could allow a remote attacker to inject arbitrary HTTP headers and perform HTTP response splitting attacks via the fileName parameter in /STATEID/1613157927228/InvSWMetering.p...

6.1CVSS6.5AI score0.0287EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/11/03 10:42 a.m.13 views

CVE-2023-4768 Improper Neutralization of CRLF Sequences in ManageEngine Desktop Central

A CRLF injection vulnerability has been found in ManageEngine Desktop Central affecting version 9.1.0. This vulnerability could allow a remote attacker to inject arbitrary HTTP headers and perform HTTP response splitting attacks via the fileName parameter in /STATEID/1613157927228/InvSWMetering.p...

6.1CVSS7.2AI score0.0287EPSS
Exploits0References1
CVE
CVE
added 2023/11/03 10:42 a.m.64 views

CVE-2023-4768

ManageEngine Desktop Central 9.1.0 is affected by a CRLF injection vulnerability that could allow a remote attacker to inject arbitrary HTTP headers and perform HTTP response splitting via the fileName parameter in /STATE_ID/1613157927228/InvSWMetering.pdf. The vulnerability is confirmed across m...

6.1CVSS6.3AI score0.0287EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder