12 Déc 2018
CVE-2018-1474 - CVE Vulnerability
IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting, and possibly obtain sensitive information. IBM X-force ID: 140692. (CVSS:0.0) (Last Update:2018-12-12)
Vulnerability Details : IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting, and possibly obtain sensitive information. IBM X-force ID: 140692. Publish Date : 2018-12-12 Last Update Date : 2018-12-12 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2018-1474
- References For CVE-2018-1474
| |||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2018-1474There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |