admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 18:52:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2023/CVE-2023-47143.md

18 lines
977 B
Markdown
Raw Normal View History

Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00
### [CVE-2023-47143](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47143)
![](https://img.shields.io/static/v1?label=Product&message=Tivoli%20Application%20Dependency%20Discovery%20Manager&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=7.3.0.0%3C%3D%207.3.0.10%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-644%20Improper%20Neutralization%20of%20HTTP%20Headers%20for%20Scripting%20Syntax&color=brighgreen)
### Description
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 270270.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds
Reference in New Issue Copy Permalink