Response Splitting Vulnerability in Broadcom Products
CVE-2023-23950

6.1MEDIUM

Key Information:

Vendor

Broadcom
Status
Symantec Identity Management And Governance
Vendor
CVE Published:
26 January 2023

What is CVE-2023-23950?

A vulnerability exists in various Broadcom products that allows an attacker to manipulate user-supplied input, specifically leveraging a CRLF (Carriage Return Line Feed) sequence. This can lead to a situation where a single response from the server is split into two separate responses. Such behavior could be exploited in various attack scenarios, potentially impacting the integrity and confidentiality of user data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Symantec Identity Management And Governance 14.3, 14.4.1, 14.4.2

References

https://support.broadcom.com/external/content/SecurityAdv...

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.