漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
WorkstationST - Response Splitting in AM Gateway Challenge-Response
Vulnerability Description
An HTTP response splitting vulnerability exists in the AM Gateway Challenge-Response dialog of WorkstationST (<v07.09.15) and could allow an attacker to compromise a victim's browser/session. WorkstationST is only deployed in specific, controlled environments rendering attack complexity significantly higher than if the attack were conducted on the software in isolation. WorkstationST v07.09.15 can be found in ControlST v07.09.07 SP8 and greater.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
HTTP头部中CRLF序列转义处理不恰当(HTTP响应分割)
Vulnerability Title
General Electric WorkstationST 安全漏洞
Vulnerability Description
General Electric WorkstationST是美国General Electric公司的一种软件套件中的警报查看器。 General Electric WorkstationST 07.09.15之前版本存在安全漏洞,该漏洞源于AM Gateway Challenge-Response dialog中存在 HTTP 响应拆分漏洞。攻击者利用该漏洞危害受害者的浏览器或者cookie。
CVSS Information
N/A
Vulnerability Type
N/A