CVE-2016-6484

moderate-risk

Published 2017-01-23

CRLF injection vulnerability in Infoblox Network Automation NetMRI before 7.1.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the contentType parameter in a login action to config/userAdmin/login.tdf.

Do I need to act?

0.44% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 6.1/10 Medium

NETWORK / LOW complexity

Affected Products (1)

Netmri

Affected Vendors

Infoblox

References (8)

Third Party Advisory http://packetstormsecurity.com/files/138615/Infoblox-7.0.1-CRLF-Injection-HTTP-R...

http://www.securityfocus.com/archive/1/539366/100/0/threaded

Third Party Advisory http://www.securityfocus.com/bid/92794

Third Party Advisory http://www.securitytracker.com/id/1036736

Third Party Advisory http://packetstormsecurity.com/files/138615/Infoblox-7.0.1-CRLF-Injection-HTTP-R...

http://www.securityfocus.com/archive/1/539366/100/0/threaded

Third Party Advisory http://www.securityfocus.com/bid/92794

Third Party Advisory http://www.securitytracker.com/id/1036736

/ 100

moderate-risk

Severity 23/34 · High

Exploitability 2/34 · Minimal

Exposure 5/34 · Minimal