CVE-2016-10002

critical-risk
Published 2017-01-27

Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to probe a cache for this information.

Do I need to act?

!
30.1% chance of exploitation in next 30 days
EPSS score — higher than 70% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10 High
NETWORK / LOW complexity

Affected Products (20)

Affected Vendors

Debian Squid-Cache

References (14)

http://rhn.redhat.com/errata/RHSA-2017-0182.html
http://rhn.redhat.com/errata/RHSA-2017-0183.html
Third Party Advisory http://www.debian.org/security/2016/dsa-3745
Mailing List http://www.openwall.com/lists/oss-security/2016/12/18/1
Third Party Advisory http://www.securityfocus.com/bid/94953
Third Party Advisory http://www.securitytracker.com/id/1037513
Mitigation http://www.squid-cache.org/Advisories/SQUID-2016_11.txt
http://rhn.redhat.com/errata/RHSA-2017-0182.html
http://rhn.redhat.com/errata/RHSA-2017-0183.html
Third Party Advisory http://www.debian.org/security/2016/dsa-3745
Mailing List http://www.openwall.com/lists/oss-security/2016/12/18/1
Third Party Advisory http://www.securityfocus.com/bid/94953
Third Party Advisory http://www.securitytracker.com/id/1037513
Mitigation http://www.squid-cache.org/Advisories/SQUID-2016_11.txt
72
/ 100
critical-risk
Severity 26/34 · High
Exploitability 15/34 · Moderate
Exposure 31/34 · Critical