Cisco Bug: CSCth63101
ASA HTTP response splitting on /+CSCOE+/logon.html
Last Modified
Apr 22, 2022
Products (7)
Cisco 3000 Series Industrial Security Appliances (ISA),
Cisco ASA 5500-X Series Firewalls,
Cisco Adaptive Security Appliance (ASA) Software,
Cisco Firepower 1000 Series,
Cisco Firepower 2100 Series,
Cisco Firepower 4100 Series,
Cisco Firepower 9300 Series
Known Affected Release
008.003(001)
Description (partial)
Symptom:
ASA is vulnerable to HTTP response splitting in certain URLs. HTTP response splitting is the ability for an attacker to modify the headers of an
HTTP response due to lack of input validation on requests that are sent to the application server.
Detail on HTTP response splitting defects :
http://en.wikipedia.org/wiki/HTTP_response_splitting
http://www.owasp.org/index.php/HTTP_Response_Splitting
Conditions:
This is default behavior for the ASA.
bst.cisco.com/quickview/bug/CSCth63101
ASA HTTP response splitting on /+CSCOE+/logon.html
Last Modified
Apr 22, 2022
Products (7)
Cisco 3000 Series Industrial Security Appliances (ISA),
Cisco ASA 5500-X Series Firewalls,
Cisco Adaptive Security Appliance (ASA) Software,
Cisco Firepower 1000 Series,
Cisco Firepower 2100 Series,
Cisco Firepower 4100 Series,
Cisco Firepower 9300 Series
Known Affected Release
008.003(001)
Description (partial)
Symptom:
ASA is vulnerable to HTTP response splitting in certain URLs. HTTP response splitting is the ability for an attacker to modify the headers of an
HTTP response due to lack of input validation on requests that are sent to the application server.
Detail on HTTP response splitting defects :
http://en.wikipedia.org/wiki/HTTP_response_splitting
http://www.owasp.org/index.php/HTTP_Response_Splitting
Conditions:
This is default behavior for the ASA.
bst.cisco.com/quickview/bug/CSCth63101
Eklenme Tarihi - 29-10-2023 | Son Güncelleme - 28-04-202412 kez gösterildi.