Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-2303 (GCVE-0-2016-2303)
Vulnerability from cvelistv5
Published
2016-04-22 00:00
Modified
2024-08-05 23:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03 | Third Party Advisory, US Government Resource |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:24:48.697Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-04-22T00:57:01",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-2303",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2016-2303",
"datePublished": "2016-04-22T00:00:00",
"dateReserved": "2016-02-09T00:00:00",
"dateUpdated": "2024-08-05T23:24:48.697Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2016-2303\",\"sourceIdentifier\":\"ics-cert@hq.dhs.gov\",\"published\":\"2016-04-22T00:59:04.540\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de inyecci\u00f3n CRLF en Ecava IntegraXor en versiones anteriores a 5.0 build 4522 permite a atacantes remotos inyectar cabeceras HTTP arbitrarias y llevar a cabo ataques de separaci\u00f3n de respuesta HTTP a trav\u00e9s de una URL manipulada.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ecava:integraxor:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.2.4502\",\"matchCriteriaId\":\"A57ED23C-1807-472A-905C-69F80A009A89\"}]}]}],\"references\":[{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03\",\"source\":\"ics-cert@hq.dhs.gov\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]}],\"evaluatorComment\":\"\u003ca href=\\\"https://cwe.mitre.org/data/definitions/93.html\\\"\u003eCWE-93: Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)\u003c/a\u003e\"}}"
}
}
cnvd-2016-02330
Vulnerability from cnvd
Title: Ecava IntegraXor HMI权限绕过漏洞
Description:
Ecava IntegraXor是一套基于Web的用于创建和运行SCADA系统的HMI界面的工具。
Ecava IntegraXor HMI未能正确处理输入中的特定元素,允许远程攻击者可利用该漏洞绕过安全限制。
Severity: 中
Patch Name: Ecava IntegraXor HMI权限绕过漏洞的补丁
Patch Description:
Ecava IntegraXor是一套基于Web的用于创建和运行SCADA系统的HMI界面的工具。
Ecava IntegraXor HMI未能正确处理输入中的特定元素,允许远程攻击者可利用该漏洞绕过安全限制。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description:
用户可参考如下厂商提供的安全补丁以修复该漏洞: http://www.integraxor.com/blog/category/security/vulnerability-note/
Reference: https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03
Impacted products
| Name | Ecava IntegraXor <5.0 build 4522 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2016-2303"
}
},
"description": "Ecava IntegraXor\u662f\u4e00\u5957\u57fa\u4e8eWeb\u7684\u7528\u4e8e\u521b\u5efa\u548c\u8fd0\u884cSCADA\u7cfb\u7edf\u7684HMI\u754c\u9762\u7684\u5de5\u5177\u3002\r\n\r\nEcava IntegraXor HMI\u672a\u80fd\u6b63\u786e\u5904\u7406\u8f93\u5165\u4e2d\u7684\u7279\u5b9a\u5143\u7d20\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u5b89\u5168\u9650\u5236\u3002",
"discovererName": "Marcus Richerson and Steven Seeley of Source Incite, working with Trend Micro\u2019s Zero Day Initiative",
"formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://www.integraxor.com/blog/category/security/vulnerability-note/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2016-02330",
"openTime": "2016-04-19",
"patchDescription": "Ecava IntegraXor\u662f\u4e00\u5957\u57fa\u4e8eWeb\u7684\u7528\u4e8e\u521b\u5efa\u548c\u8fd0\u884cSCADA\u7cfb\u7edf\u7684HMI\u754c\u9762\u7684\u5de5\u5177\u3002\r\n\r\nEcava IntegraXor HMI\u672a\u80fd\u6b63\u786e\u5904\u7406\u8f93\u5165\u4e2d\u7684\u7279\u5b9a\u5143\u7d20\uff0c\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u5b89\u5168\u9650\u5236\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Ecava IntegraXor HMI\u6743\u9650\u7ed5\u8fc7\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Ecava IntegraXor \u003c5.0 build 4522"
},
"referenceLink": "https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03",
"serverity": "\u4e2d",
"submitTime": "2016-04-16",
"title": "Ecava IntegraXor HMI\u6743\u9650\u7ed5\u8fc7\u6f0f\u6d1e"
}
icsa-16-105-03
Vulnerability from csaf_cisa
Published
2016-01-16 07:00
Modified
2025-06-05 21:40
Summary
Ecava IntegraXor Vulnerabilities
Notes
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolating them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "general",
"text": "CISA recommends users take defensive measures to minimize the risk of exploitation.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Locate control system networks and remote devices behind firewalls and isolating them from business networks.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks: Do not click web links or open attachments in unsolicited email messages. Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams. Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.",
"title": "Recommended Practices"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "central@cisa.dhs.gov",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-16-105-03 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2016/icsa-16-105-03.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-16-105-03 - Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-16-105-03"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/topics/industrial-control-systems"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014"
}
],
"title": "Ecava IntegraXor Vulnerabilities",
"tracking": {
"current_release_date": "2025-06-05T21:40:02.682378Z",
"generator": {
"date": "2025-06-05T21:40:02.682245Z",
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-16-105-03",
"initial_release_date": "2016-01-16T07:00:00.000000Z",
"revision_history": [
{
"date": "2016-01-16T07:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "Initial Publication"
},
{
"date": "2025-06-05T21:40:02.682378Z",
"legacy_version": "CSAF Conversion",
"number": "2",
"summary": "Advisory converted into a CSAF"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c5.0_build_4522",
"product": {
"name": "Ecava IntegraXor: \u003c5.0_build_4522",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "IntegraXor"
}
],
"category": "vendor",
"name": "Ecava"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-2306",
"cwe": {
"id": "CWE-319",
"name": "Cleartext Transmission of Sensitive Information"
},
"notes": [
{
"category": "summary",
"text": "The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive cleartext information by sniffing the network.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Ecava has produced a new version that addresses the reported vulnerabilities, as well as some identified security risks, in Version 5.0, build 4522. Ecava has resolved the authenticated SQL injection associated with operator and supervisor accounts. Ecava is planning to address the remaining risk to administrative accounts in an upcoming release. Ecava\u2019s new version of the IntegraXor software, Version 5.0, build 4522 is available for download at the following link: (http://www.integraxor.com/download/beta.msi?5.0.4525.2.)",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.integraxor.com/download/beta.msi?5.0.4525.2."
},
{
"category": "mitigation",
"details": "Ecava recommends downloading the latest build to address the identified vulnerabilities.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Ecava has released a vulnerability note, which is available at the following URL: (http://www.integraxor.com/blog/category/security/vulnerability-note/).",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.integraxor.com/blog/category/security/vulnerability-note/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2016-2305",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "Cross-site scripting (XSS) vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Ecava has produced a new version that addresses the reported vulnerabilities, as well as some identified security risks, in Version 5.0, build 4522. Ecava has resolved the authenticated SQL injection associated with operator and supervisor accounts. Ecava is planning to address the remaining risk to administrative accounts in an upcoming release. Ecava\u2019s new version of the IntegraXor software, Version 5.0, build 4522 is available for download at the following link: (http://www.integraxor.com/download/beta.msi?5.0.4525.2.)",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.integraxor.com/download/beta.msi?5.0.4525.2."
},
{
"category": "mitigation",
"details": "Ecava recommends downloading the latest build to address the identified vulnerabilities.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Ecava has released a vulnerability note, which is available at the following URL: (http://www.integraxor.com/blog/category/security/vulnerability-note/).",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.integraxor.com/blog/category/security/vulnerability-note/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2016-2304",
"cwe": {
"id": "CWE-87",
"name": "Improper Neutralization of Alternate XSS Syntax"
},
"notes": [
{
"category": "summary",
"text": "Ecava IntegraXor before 5.0 build 4522 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Ecava has produced a new version that addresses the reported vulnerabilities, as well as some identified security risks, in Version 5.0, build 4522. Ecava has resolved the authenticated SQL injection associated with operator and supervisor accounts. Ecava is planning to address the remaining risk to administrative accounts in an upcoming release. Ecava\u2019s new version of the IntegraXor software, Version 5.0, build 4522 is available for download at the following link: (http://www.integraxor.com/download/beta.msi?5.0.4525.2.)",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.integraxor.com/download/beta.msi?5.0.4525.2."
},
{
"category": "mitigation",
"details": "Ecava recommends downloading the latest build to address the identified vulnerabilities.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Ecava has released a vulnerability note, which is available at the following URL: (http://www.integraxor.com/blog/category/security/vulnerability-note/).",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.integraxor.com/blog/category/security/vulnerability-note/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2016-2303",
"cwe": {
"id": "CWE-113",
"name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
},
"notes": [
{
"category": "summary",
"text": "CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Ecava has produced a new version that addresses the reported vulnerabilities, as well as some identified security risks, in Version 5.0, build 4522. Ecava has resolved the authenticated SQL injection associated with operator and supervisor accounts. Ecava is planning to address the remaining risk to administrative accounts in an upcoming release. Ecava\u2019s new version of the IntegraXor software, Version 5.0, build 4522 is available for download at the following link: (http://www.integraxor.com/download/beta.msi?5.0.4525.2.)",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.integraxor.com/download/beta.msi?5.0.4525.2."
},
{
"category": "mitigation",
"details": "Ecava recommends downloading the latest build to address the identified vulnerabilities.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Ecava has released a vulnerability note, which is available at the following URL: (http://www.integraxor.com/blog/category/security/vulnerability-note/).",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.integraxor.com/blog/category/security/vulnerability-note/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2016-2300",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"notes": [
{
"category": "summary",
"text": "Ecava IntegraXor before 5.0 build 4522 allows remote attackers to bypass authentication and access unspecified web pages via unknown vectors.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Ecava has produced a new version that addresses the reported vulnerabilities, as well as some identified security risks, in Version 5.0, build 4522. Ecava has resolved the authenticated SQL injection associated with operator and supervisor accounts. Ecava is planning to address the remaining risk to administrative accounts in an upcoming release. Ecava\u2019s new version of the IntegraXor software, Version 5.0, build 4522 is available for download at the following link: (http://www.integraxor.com/download/beta.msi?5.0.4525.2.)",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.integraxor.com/download/beta.msi?5.0.4525.2."
},
{
"category": "mitigation",
"details": "Ecava recommends downloading the latest build to address the identified vulnerabilities.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Ecava has released a vulnerability note, which is available at the following URL: (http://www.integraxor.com/blog/category/security/vulnerability-note/).",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.integraxor.com/blog/category/security/vulnerability-note/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2016-2299",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Ecava has produced a new version that addresses the reported vulnerabilities, as well as some identified security risks, in Version 5.0, build 4522. Ecava has resolved the authenticated SQL injection associated with operator and supervisor accounts. Ecava is planning to address the remaining risk to administrative accounts in an upcoming release. Ecava\u2019s new version of the IntegraXor software, Version 5.0, build 4522 is available for download at the following link: (http://www.integraxor.com/download/beta.msi?5.0.4525.2.)",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.integraxor.com/download/beta.msi?5.0.4525.2."
},
{
"category": "mitigation",
"details": "Ecava recommends downloading the latest build to address the identified vulnerabilities.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Ecava has released a vulnerability note, which is available at the following URL: (http://www.integraxor.com/blog/category/security/vulnerability-note/).",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.integraxor.com/blog/category/security/vulnerability-note/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2016-2302",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "summary",
"text": "Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive information by reading detailed error messages.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Ecava has produced a new version that addresses the reported vulnerabilities, as well as some identified security risks, in Version 5.0, build 4522. Ecava has resolved the authenticated SQL injection associated with operator and supervisor accounts. Ecava is planning to address the remaining risk to administrative accounts in an upcoming release. Ecava\u2019s new version of the IntegraXor software, Version 5.0, build 4522 is available for download at the following link: (http://www.integraxor.com/download/beta.msi?5.0.4525.2.)",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.integraxor.com/download/beta.msi?5.0.4525.2."
},
{
"category": "mitigation",
"details": "Ecava recommends downloading the latest build to address the identified vulnerabilities.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Ecava has released a vulnerability note, which is available at the following URL: (http://www.integraxor.com/blog/category/security/vulnerability-note/).",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.integraxor.com/blog/category/security/vulnerability-note/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2016-2301",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"notes": [
{
"category": "summary",
"text": "SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "Ecava has produced a new version that addresses the reported vulnerabilities, as well as some identified security risks, in Version 5.0, build 4522. Ecava has resolved the authenticated SQL injection associated with operator and supervisor accounts. Ecava is planning to address the remaining risk to administrative accounts in an upcoming release. Ecava\u2019s new version of the IntegraXor software, Version 5.0, build 4522 is available for download at the following link: (http://www.integraxor.com/download/beta.msi?5.0.4525.2.)",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.integraxor.com/download/beta.msi?5.0.4525.2."
},
{
"category": "mitigation",
"details": "Ecava recommends downloading the latest build to address the identified vulnerabilities.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Ecava has released a vulnerability note, which is available at the following URL: (http://www.integraxor.com/blog/category/security/vulnerability-note/).",
"product_ids": [
"CSAFPID-0001"
],
"url": "http://www.integraxor.com/blog/category/security/vulnerability-note/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
gsd-2016-2303
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2016-2303",
"description": "CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.",
"id": "GSD-2016-2303"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2016-2303"
],
"details": "CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.",
"id": "GSD-2016-2303",
"modified": "2023-12-13T01:21:20.192331Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-2303",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ecava:integraxor:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.2.4502",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2016-2303"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03",
"refsource": "MISC",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM"
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
},
"lastModifiedDate": "2016-04-27T18:33Z",
"publishedDate": "2016-04-22T00:59Z"
}
}
}
var-201604-0072
Vulnerability from variot
CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL. Ecava IntegraXor Is CRLF An injection vulnerability exists. Supplementary information : CWE Vulnerability type by CWE-93: Improper Neutralization of CRLF Sequences (CRLF injection ) Has been identified. Ecava IntegraXor is a web-based tool for creating and running HMI interfaces for SCADA systems. The Ecava IntegraXor HMI failed to properly handle specific elements in the input, allowing remote attackers to exploit the vulnerability to bypass security restrictions. Ecava IntegraXor is prone to the following security vulnerabilities. 1. A clear-text transmission of sensitive information vulnerability 2. A Cross-site scripting vulnerability 3. Multiple security bypass vulnerabilities 4. Multiple SQL-injection vulnerabilities Exploiting these vulnerabilities could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, gain access to sensitive information or bypass security restrictions
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201604-0072",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "integraxor",
"scope": "lte",
"trust": 1.0,
"vendor": "ecava",
"version": "4.2.4502"
},
{
"model": "integraxor",
"scope": "lt",
"trust": 0.8,
"vendor": "ecava",
"version": "5.0 build 4522"
},
{
"model": "integraxor build",
"scope": "lt",
"trust": 0.6,
"vendor": "ecava",
"version": "5.04522"
},
{
"model": "integraxor",
"scope": "eq",
"trust": 0.6,
"vendor": "ecava",
"version": "4.2.4502"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "integraxor",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "58af9c0e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-02330"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002348"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-319"
},
{
"db": "NVD",
"id": "CVE-2016-2303"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:ecava:integraxor",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002348"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Marcus Richerson and Steven Seeley of Source Incite, working with Trend Micro\u2019s Zero Day Initiative",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-319"
}
],
"trust": 0.6
},
"cve": "CVE-2016-2303",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2016-2303",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-02330",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "58af9c0e-2351-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2016-2303",
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-2303",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2016-2303",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2016-02330",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201604-319",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "58af9c0e-2351-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "58af9c0e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-02330"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002348"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-319"
},
{
"db": "NVD",
"id": "CVE-2016-2303"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL. Ecava IntegraXor Is CRLF An injection vulnerability exists. Supplementary information : CWE Vulnerability type by CWE-93: Improper Neutralization of CRLF Sequences (CRLF injection ) Has been identified. Ecava IntegraXor is a web-based tool for creating and running HMI interfaces for SCADA systems. The Ecava IntegraXor HMI failed to properly handle specific elements in the input, allowing remote attackers to exploit the vulnerability to bypass security restrictions. Ecava IntegraXor is prone to the following security vulnerabilities. \n1. A clear-text transmission of sensitive information vulnerability\n2. A Cross-site scripting vulnerability\n3. Multiple security bypass vulnerabilities\n4. Multiple SQL-injection vulnerabilities\nExploiting these vulnerabilities could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database, gain access to sensitive information or bypass security restrictions",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2303"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002348"
},
{
"db": "CNVD",
"id": "CNVD-2016-02330"
},
{
"db": "BID",
"id": "86088"
},
{
"db": "IVD",
"id": "58af9c0e-2351-11e6-abef-000c29c66e3d"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-2303",
"trust": 3.5
},
{
"db": "ICS CERT",
"id": "ICSA-16-105-03",
"trust": 3.3
},
{
"db": "CNVD",
"id": "CNVD-2016-02330",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201604-319",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002348",
"trust": 0.8
},
{
"db": "BID",
"id": "86088",
"trust": 0.3
},
{
"db": "IVD",
"id": "58AF9C0E-2351-11E6-ABEF-000C29C66E3D",
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "58af9c0e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-02330"
},
{
"db": "BID",
"id": "86088"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002348"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-319"
},
{
"db": "NVD",
"id": "CVE-2016-2303"
}
]
},
"id": "VAR-201604-0072",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "58af9c0e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-02330"
}
],
"trust": 1.07383092
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "58af9c0e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-02330"
}
]
},
"last_update_date": "2024-11-23T21:43:13.506000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.integraxor.com/"
},
{
"title": "Ecava IntegraXor HMI Permissions Bypass Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/74340"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02330"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002348"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002348"
},
{
"db": "NVD",
"id": "CVE-2016-2303"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.3,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-16-105-03"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2303"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2303"
},
{
"trust": 0.3,
"url": "http://www.integraxor.com/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-02330"
},
{
"db": "BID",
"id": "86088"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002348"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-319"
},
{
"db": "NVD",
"id": "CVE-2016-2303"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "58af9c0e-2351-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2016-02330"
},
{
"db": "BID",
"id": "86088"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-002348"
},
{
"db": "CNNVD",
"id": "CNNVD-201604-319"
},
{
"db": "NVD",
"id": "CVE-2016-2303"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-19T00:00:00",
"db": "IVD",
"id": "58af9c0e-2351-11e6-abef-000c29c66e3d"
},
{
"date": "2016-04-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-02330"
},
{
"date": "2016-04-14T00:00:00",
"db": "BID",
"id": "86088"
},
{
"date": "2016-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002348"
},
{
"date": "2016-04-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-319"
},
{
"date": "2016-04-22T00:59:04.540000",
"db": "NVD",
"id": "CVE-2016-2303"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-04-19T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-02330"
},
{
"date": "2016-07-06T14:31:00",
"db": "BID",
"id": "86088"
},
{
"date": "2016-04-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-002348"
},
{
"date": "2016-04-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201604-319"
},
{
"date": "2024-11-21T02:48:11.343000",
"db": "NVD",
"id": "CVE-2016-2303"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-319"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ecava IntegraXor In CRLF Injection vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-002348"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201604-319"
}
],
"trust": 0.6
}
}
ghsa-9gxq-rfrc-79c7
Vulnerability from github
Published
2022-05-17 03:56
Modified
2022-05-17 03:56
Severity ?
VLAI Severity ?
Details
CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.
{
"affected": [],
"aliases": [
"CVE-2016-2303"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2016-04-22T00:59:00Z",
"severity": "MODERATE"
},
"details": "CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.",
"id": "GHSA-9gxq-rfrc-79c7",
"modified": "2022-05-17T03:56:26Z",
"published": "2022-05-17T03:56:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2303"
},
{
"type": "WEB",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
fkie_cve-2016-2303
Vulnerability from fkie_nvd
Published
2016-04-22 00:59
Modified
2025-04-12 10:46
Severity ?
Summary
CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ics-cert@hq.dhs.gov | https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03 | Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ecava | integraxor | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ecava:integraxor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A57ED23C-1807-472A-905C-69F80A009A89",
"versionEndIncluding": "4.2.4502",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n CRLF en Ecava IntegraXor en versiones anteriores a 5.0 build 4522 permite a atacantes remotos inyectar cabeceras HTTP arbitrarias y llevar a cabo ataques de separaci\u00f3n de respuesta HTTP a trav\u00e9s de una URL manipulada."
}
],
"evaluatorComment": "\u003ca href=\"https://cwe.mitre.org/data/definitions/93.html\"\u003eCWE-93: Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)\u003c/a\u003e",
"id": "CVE-2016-2303",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-04-22T00:59:04.540",
"references": [
{
"source": "ics-cert@hq.dhs.gov",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-16-105-03"
}
],
"sourceIdentifier": "ics-cert@hq.dhs.gov",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…