{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T05:44:28.902","vulnerabilities":[{"cve":{"id":"CVE-2016-0400","sourceIdentifier":"psirt@us.ibm.com","published":"2016-07-02T14:59:05.197","lastModified":"2025-04-12T10:46:40.837","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"CRLF injection vulnerability in IBM WebSphere eXtreme Scale 7.1.0 before 7.1.0.3, 7.1.1 before 7.1.1.1, 8.5 before 8.5.0.3, and 8.6 before 8.6.0.8 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL."},{"lang":"es","value":"Vulnerabilidad de inyección CRLF en IBM WebSphere eXtreme Scale 7.1.0 en versiones anteriores a 7.1.0.3, 7.1.1 en versiones anteriores a 7.1.1.1, 8.5 en versiones anteriores a 8.5.0.3 y 8.6 en versiones anteriores a 8.6.0.8 permite a atacantes remotos inyectar cabeceras HTTP arbitrarias y llevar a cabo ataques de separación de respuesta HTTP a través de una URL manipulada."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_extreme_scale:7.1.0:*:*:*:*:*:*:*","matchCriteriaId":"FCF504C3-FC26-4B47-9D19-3095CEA85014"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_extreme_scale:7.1.0.2:*:*:*:*:*:*:*","matchCriteriaId":"79D9CF88-822F-4D5C-85C6-6DA81E9E49F3"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_extreme_scale:7.1.1:*:*:*:*:*:*:*","matchCriteriaId":"E0472C4A-F281-4D5F-BC47-93427833B907"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_extreme_scale:8.5.0:*:*:*:*:*:*:*","matchCriteriaId":"0F24E300-FCBA-42E7-A0A0-8067FBE11C9F"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_extreme_scale:8.5.0.1:*:*:*:*:*:*:*","matchCriteriaId":"0ACD3876-C36B-42DB-9174-C67DD0959BAC"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_extreme_scale:8.5.0.2:*:*:*:*:*:*:*","matchCriteriaId":"B96C0D89-B07B-499E-A746-E3BF1AC6DBD3"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_extreme_scale:8.6.0.0:*:*:*:*:*:*:*","matchCriteriaId":"A974178A-404C-4BB7-AFE6-8C4A53205B7C"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_extreme_scale:8.6.0.1:*:*:*:*:*:*:*","matchCriteriaId":"BE60414F-6EB4-4285-850F-E0F2D5B36C1D"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_extreme_scale:8.6.0.2:*:*:*:*:*:*:*","matchCriteriaId":"946C4833-5BB2-4E54-8260-CEB66F03AEF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_extreme_scale:8.6.0.3:*:*:*:*:*:*:*","matchCriteriaId":"FE3DBEDF-A66C-4078-BD0D-8810B21EF58B"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_extreme_scale:8.6.0.4:*:*:*:*:*:*:*","matchCriteriaId":"2EF20610-8715-4683-83D9-9BBF822C7754"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_extreme_scale:8.6.0.5:*:*:*:*:*:*:*","matchCriteriaId":"DAB3F96D-F1FD-4427-BA83-676DCB7A37AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_extreme_scale:8.6.0.6:*:*:*:*:*:*:*","matchCriteriaId":"D365BD10-F98D-4F66-8119-21EBF30C1F73"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:websphere_extreme_scale:8.6.0.7:*:*:*:*:*:*:*","matchCriteriaId":"794E70DC-F220-4C2E-B7AD-15022B9C71D9"}]}]}],"references":[{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1PI60897","source":"psirt@us.ibm.com"},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1PI60898","source":"psirt@us.ibm.com"},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21983036","source":"psirt@us.ibm.com","tags":["Patch","Vendor Advisory"]},{"url":"https://www.exploit-db.com/exploits/40039/","source":"psirt@us.ibm.com"},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1PI60897","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1PI60898","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21983036","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://www.exploit-db.com/exploits/40039/","source":"af854a3a-2127-422b-91ae-364da2661108"}],"evaluatorComment":"<a href=\"https://cwe.mitre.org/data/definitions/93.html\">CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection')</a>"}}]}