Vulnerabilities > CVE-2016-2303 - Unspecified vulnerability in Ecava Integraxor

CVSS 5.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

low complexity

ecava

NVD

Published: 2016-04-22

Updated: 2016-04-27

Summary

CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.

Vulnerable Configurations

Part	Description	Count
Application	Ecava Ecava Integraxor 3.5.3900.5 Ecava Integraxor 3.5.3900.10 Ecava Integraxor 3.6.4000.0 Ecava Integraxor 3.60.4061 Ecava Integraxor 3.71 Ecava Integraxor 3.71.4200 Ecava Integraxor 3.72 Ecava Integraxor 4.00 Ecava Integraxor 4.1 Ecava Integraxor 4.1.4340 Ecava Integraxor 4.1.4360 Ecava Integraxor 4.1.4369 Ecava Integraxor 4.1.4380 Ecava Integraxor 4.1.4390 Ecava Integraxor 4.1.4393 Ecava Integraxor 4.1.4450 Ecava Integraxor 4.2.4502	17

References

https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03