CRLF injection vulnerability in the web framework in Cisco Web Security Appliance (WSA) 7.7 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct redirection attacks via a crafted URL, aka Bug ID CSCuj61002.
References
Link | Resource |
---|---|
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2137 | Vendor Advisory |
http://tools.cisco.com/security/center/viewAlert.x?alertId=33608 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: cisco
Published: 2014-04-02T01:00:00
Updated: 2014-04-02T01:57:01
Reserved: 2014-02-25T00:00:00
Link: CVE-2014-2137
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-04-02T03:58:17.123
Modified: 2014-04-02T16:28:44.673
Link: CVE-2014-2137
JSON object: View
Redhat Information
No data.
CWE