CRLF injection vulnerability in load.php in the Local Management Interface (LMI) on the IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5 allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the javaVersion parameter.

在IBM Proventia Network Mail Security System (PNMSS) appliance with firmware before 2.5 的本地管理界面(LMI)中的 load.php 中 CRLF 注入漏洞允许远程登录的用户通过 JavaVersion 参数注入任意的 HTTP 头部并执行 HTTP 响应分割攻击。

NVD 暂无评分

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

NVD 暂无漏洞类别信息

神龙GPT 暂无漏洞类别信息（请耐心等待）