CVE-2016-7152
published 2016-09-06CVE-2016-7152: The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote…
PriorityP434medium5.3CVSS 3.0
AVNACLPRNUINSUCLINAN
EPSS
13.98%
96.1th percentile
The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.
CVSS provenance
nvdv3.05.3MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
osv5.3MEDIUM
vendor_redhat5.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-gj46-mfx7-2vwx: The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for re
ghsa_unreviewed·2022-05-17
CVE-2016-7152 [MEDIUM] CWE-200 GHSA-gj46-mfx7-2vwx: The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for re
The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.
OSV
CVE-2016-7152: The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for re
osv·2016-09-06·CVSS 5.3
CVE-2016-7152 [MEDIUM] CVE-2016-7152: The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for re
The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.
Red Hat
HTTPS: HEIST attack allows attackers to sniff TLS encrypted HTTP traffic
vendor_redhat·2016-08-03·CVSS 5.3
CVE-2016-7152 [MEDIUM] HTTPS: HEIST attack allows attackers to sniff TLS encrypted HTTP traffic
HTTPS: HEIST attack allows attackers to sniff TLS encrypted HTTP traffic
The HTTPS protocol does not consider the role of the TCP congestion window in providing information about content length, which makes it easier for remote attackers to obtain cleartext data by leveraging a web-browser configuration in which third-party cookies are sent, aka a "HEIST" attack.
Mitigation: Disable third-party cookies in the browser.
https://support.mozilla.org/en-US/kb/disable-third-party-cookies (Firefox)
https://support.google.com/chrome/answer/95647?hl=en (Google Chrome)
Package: httpd (Red Hat Enterprise Linux 7) - Not affected
No detection rules found.
No public exploits indexed.
http://arstechnica.com/security/2016/08/new-attack-steals-ssns-e-mail-addresses-and-more-from-https-pages/http://www.securityfocus.com/bid/92769http://www.securitytracker.com/id/1036741http://www.securitytracker.com/id/1036742http://www.securitytracker.com/id/1036743http://www.securitytracker.com/id/1036744http://www.securitytracker.com/id/1036745http://www.securitytracker.com/id/1036746https://tom.vg/papers/heist_blackhat2016.pdfhttp://arstechnica.com/security/2016/08/new-attack-steals-ssns-e-mail-addresses-and-more-from-https-pages/http://www.securityfocus.com/bid/92769http://www.securitytracker.com/id/1036741http://www.securitytracker.com/id/1036742http://www.securitytracker.com/id/1036743http://www.securitytracker.com/id/1036744http://www.securitytracker.com/id/1036745http://www.securitytracker.com/id/1036746https://tom.vg/papers/heist_blackhat2016.pdf
2016-09-06
Published