CVE-2016-7152
Severity Score
5.3
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.
El protocolo HTTPS no considera el rol de la ventana de congestión TCP cuando da información sobre longitud del contenido, lo que facilita a atacantes remotos obtener datos en texto plano aprovechando una configuración de navegador web donde son enviadas cookies de terceros, también conocido como ataque "HEIST".
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-09-06 CVE Reserved
- 2016-09-06 CVE Published
- 2024-06-29 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://arstechnica.com/security/2016/08/new-attack-steals-ssns-e-mail-addresses-and-more-from-https-pages | Technical Description | |
| http://www.securityfocus.com/bid/92769 | Vdb Entry | |
| http://www.securitytracker.com/id/1036741 | Vdb Entry | |
| http://www.securitytracker.com/id/1036742 | Vdb Entry | |
| http://www.securitytracker.com/id/1036743 | Vdb Entry | |
| http://www.securitytracker.com/id/1036744 | Vdb Entry | |
| http://www.securitytracker.com/id/1036745 | Vdb Entry | |
| http://www.securitytracker.com/id/1036746 | Vdb Entry | |
| https://tom.vg/papers/heist_blackhat2016.pdf | Technical Description |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Opera Search vendor "Opera" | Opera Search vendor "Opera" for product "Opera" | - | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Safari Search vendor "Apple" for product "Safari" | * | - |
Affected
| ||||||
| Mozilla Search vendor "Mozilla" | Firefox Search vendor "Mozilla" for product "Firefox" | * | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Edge Search vendor "Microsoft" for product "Edge" | - | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Internet Explorer Search vendor "Microsoft" for product "Internet Explorer" | - | - |
Affected
| ||||||
| Google Search vendor "Google" | Chrome Search vendor "Google" for product "Chrome" | - | - |
Affected
| ||||||