CVE-2016-3118

MEDIUM

CA API Gateway <7.1.04-8.3.01-8.4 - CRLF Injection

Title source: llm

Description

CRLF injection vulnerability in CA API Gateway (formerly Layer7 API Gateway) 7.1 before 7.1.04, 8.0 through 8.3 before 8.3.01, and 8.4 before 8.4.01 allows remote attackers to have an unspecified impact via unknown vectors.

References (1)

[Vendor Advisory] http://www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20160405-01-security-notice-for-ca-api-gateway.aspx

Scores

CVSS v3 6.5

EPSS 0.0022

EPSS Percentile 44.8%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Classification

Status draft

Affected Products (6)

broadcom/api_gateway

Timeline

Published Apr 06, 2016

Tracked Since Feb 18, 2026