CWE-113 - Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')

Description

Before compising the received data into outgoing HTTP headers software analyses it and performs CR (carriage return, also given by %0d or \r) and LF (line feed, also given by %0a or \n) symbols neutralization. Because of the weakness, software isn't able to check and change data correctly. If the HTTP contains CR and LF characters, protocol gives 2 responses instead 1. Attackers can intercept, control and use the second response for their purposes: to make cross-site scripting and cache poisoning attacks.
The weakness is introduced during Implementation stage.

Latest vulnerabilities for CWE-113

Multiple vulnerabilities in IBM Business Automation Workflow 2024-04-18
Medium Yes

Multiple vulnerabilities in IBM Observability with Instana 2024-04-17
Medium Yes

Multiple vulnerabilities in Oracle Linux 2024-04-17
High Yes

Multiple vulnerabilities in IBM WebSphere Remote Server 2024-04-11
Medium Yes

Multiple vulnerabilities in IBM HTTP Server 2024-04-11
Medium Yes

Multiple vulnerabilities in cPanel EasyApache 2024-04-09
Medium Yes

Multiple vulnerabilities in Apache HTTP Server 2024-04-04
Medium Yes

Multiple vulnerabilities in IBM Operations Analytics - Log Analysis 2024-03-20
Medium Yes

Multiple vulnerabilities in IBM Maximo Asset Management 2024-03-01
High Yes

Multiple vulnerabilities in IBM Cloud Pak for Multicloud Management 2024-02-29
High Yes

References

Description of CWE-113 on Mitre website