Vulnerability Description: CWE-312: Cleartext Storage of Sensitive Information
Software Version: <= 8.12.2
NIST: https://nvd.nist.gov/vuln/detail/CVE-2021-28979
CVSv3: 6.5
Severity: Medium
Credits: Luca Di Giuseppe, Mattia Campanelli, Alessandro Sabetta, Massimiliano Brolli
SafeNet KeySecure Management Console 8.12.0 is vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked.