Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
WorkstationST - Response Splitting in AM Gateway Challenge-Response
Vulnerability Description
An HTTP response splitting vulnerability exists in the AM Gateway Challenge-Response dialog of WorkstationST (<v07.09.15) and could allow an attacker to compromise a victim's browser/session. WorkstationST is only deployed in specific, controlled environments rendering attack complexity significantly higher than if the attack were conducted on the software in isolation. WorkstationST v07.09.15 can be found in ControlST v07.09.07 SP8 and greater.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
Vulnerability Type
HTTP头部中CRLF序列转义处理不恰当(HTTP响应分割)
Vulnerability Title
General Electric WorkstationST 安全漏洞
Vulnerability Description
General Electric WorkstationST是美国General Electric公司的一种软件套件中的警报查看器。 General Electric WorkstationST 07.09.15之前版本存在安全漏洞,该漏洞源于AM Gateway Challenge-Response dialog中存在 HTTP 响应拆分漏洞。攻击者利用该漏洞危害受害者的浏览器或者cookie。
CVSS Information
N/A
Vulnerability Type
N/A