CRLF Injection Vulnerability in Huawei FusionAccess
CVE-2016-6839

6.1MEDIUM

Key Information:

Vendor: Huawei
Status: Fusionaccess
Vendor: CVE Published:; 7 September 2016

Summary

A CRLF injection vulnerability exists in Huawei FusionAccess, which allows remote attackers to conduct attacks through the injection of arbitrary HTTP headers. This vulnerability can facilitate HTTP response splitting, potentially leading to web application exploits and unauthorized access to sensitive information. Organizations leveraging Huawei FusionAccess should implement the recommended patches and monitor for any suspicious activities.

References

http://www.huawei.com/en/psirt/security-advisories/huawei...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/92502

vdb-entryx_refsource_BID

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Sep 7, 2016
Vulnerability Reserved
Aug 18, 2016