Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-tdj6-jjmb-tkav
Vulnerability ID VCID-tdj6-jjmb-tkav
Aliases CVE-2016-6311
Summary EAP7: Internal IP address disclosed on redirect when request header Host field is not set
Status Published
Exploitability 0.5
Weighted Severity 4.8
Risk 2.4
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
System Score Found at
cvssv3 5.3 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6311.json
epss 0.00302 https://api.first.org/data/v1/epss?cve=CVE-2016-6311
epss 0.00302 https://api.first.org/data/v1/epss?cve=CVE-2016-6311
epss 0.00302 https://api.first.org/data/v1/epss?cve=CVE-2016-6311
epss 0.00302 https://api.first.org/data/v1/epss?cve=CVE-2016-6311
epss 0.00679 https://api.first.org/data/v1/epss?cve=CVE-2016-6311
epss 0.00679 https://api.first.org/data/v1/epss?cve=CVE-2016-6311
epss 0.00679 https://api.first.org/data/v1/epss?cve=CVE-2016-6311
epss 0.00679 https://api.first.org/data/v1/epss?cve=CVE-2016-6311
epss 0.00679 https://api.first.org/data/v1/epss?cve=CVE-2016-6311
epss 0.00679 https://api.first.org/data/v1/epss?cve=CVE-2016-6311
epss 0.00679 https://api.first.org/data/v1/epss?cve=CVE-2016-6311
epss 0.00679 https://api.first.org/data/v1/epss?cve=CVE-2016-6311
epss 0.00679 https://api.first.org/data/v1/epss?cve=CVE-2016-6311
epss 0.00679 https://api.first.org/data/v1/epss?cve=CVE-2016-6311
epss 0.00679 https://api.first.org/data/v1/epss?cve=CVE-2016-6311
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6311.json
https://api.first.org/data/v1/epss?cve=CVE-2016-6311
1362735 https://bugzilla.redhat.com/show_bug.cgi?id=1362735
No exploits are available.
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6311.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.53503
EPSS Score 0.00302
Published At April 21, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T14:35:59.157430+00:00 RedHat Importer Import https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6311.json 38.0.0