CVE-2016-0902

Published: May 7, 2016Modified: May 6, 2026

5.3

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

CRLF injection vulnerability in EMC RSA Authentication Manager before 8.1 SP1 P14 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Affected (1)

Products: Emc: Rsa Authentication Manager

Emc

1 product

Rsa Authentication Manager

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Emc Rsa Authentication Manager	Up to 8.1

References (6)

http://packetstormsecurity.com/files/136994/RSA-Authentication-Manager-XSS-HTTP-Response-Splitting.html

Source: security_alert@emc.com

http://seclists.org/bugtraq/2016/May/23

Source: security_alert@emc.com

http://www.securitytracker.com/id/1035755

Source: security_alert@emc.com

http://packetstormsecurity.com/files/136994/RSA-Authentication-Manager-XSS-HTTP-Response-Splitting.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://seclists.org/bugtraq/2016/May/23

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1035755

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.