Total
17 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-26289 | 2024-07-30 | N/A | 5.4 MEDIUM | ||
| IBM Aspera Orchestrator 4.0.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 248478. | |||||
| CVE-2024-39736 | 1 Ibm | 2 Datacap, Datacap Navigator | 2024-07-16 | N/A | 9.8 CRITICAL |
| IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 296003. | |||||
| CVE-2022-22399 | 2024-03-06 | N/A | 5.4 MEDIUM | ||
| IBM Aspera Faspex 5.0.0 and 5.0.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 222562. | |||||
| CVE-2024-21499 | 2024-02-20 | N/A | 4.3 MEDIUM | ||
| All versions of the package github.com/greenpau/caddy-security are vulnerable to HTTP Header Injection via the X-Forwarded-Proto header due to redirecting to the injected protocol.Exploiting this vulnerability could lead to bypass of security mechanisms or confusion in handling TLS. | |||||
| CVE-2024-1064 | 1 Craftycontrol | 1 Crafty Controller | 2024-02-12 | N/A | 7.5 HIGH |
| A host header injection vulnerability in the HTTP handler component of Crafty Controller allows a remote, unauthenticated attacker to trigger a Denial of Service (DoS) condition via a modified host header | |||||
| CVE-2023-47143 | 1 Ibm | 1 Tivoli Application Dependency Discovery Manager | 2024-02-08 | N/A | 9.8 CRITICAL |
| IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 270270. | |||||
| CVE-2022-45102 | 1 Dell | 5 Dp4400, Dp4400 Firmware, Dp5900 and 2 more | 2023-11-07 | N/A | 6.1 MEDIUM |
| Dell EMC Data Protection Central, versions 19.1 through 19.7, contains a Host Header Injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary \u2018Host\u2019 header values to poison a web cache or trigger redirections. | |||||
| CVE-2022-34316 | 1 Ibm | 1 Cics Tx | 2023-11-07 | N/A | 5.3 MEDIUM |
| IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers. IBM X-Force ID: 229452. | |||||
| CVE-2021-38997 | 1 Ibm | 1 Api Connect | 2023-11-07 | N/A | 5.4 MEDIUM |
| IBM API Connect V10.0.0.0 through V10.0.5.0, V10.0.1.0 through V10.0.1.7, and V2018.4.1.0 through 2018.4.1.19 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 213212. | |||||
| CVE-2023-36919 | 1 Sap | 1 Enable Now | 2023-07-18 | N/A | 5.3 MEDIUM |
| In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the Referrer-Policy response header is not implemented, allowing an unauthenticated attacker to obtain referrer details, resulting in information disclosure. | |||||
| CVE-2023-36921 | 1 Sap | 1 Solution Manager | 2023-07-18 | N/A | 7.2 HIGH |
| SAP Solution Manager (Diagnostics agent) - version 7.20, allows an attacker to tamper with headers in a client request. This misleads SAP Diagnostics Agent to serve poisoned content to the server. On successful exploitation, the attacker can cause a limited impact on confidentiality and availability of the application. | |||||
| CVE-2023-34036 | 1 Vmware | 1 Spring Hateoas | 2023-07-17 | N/A | 5.3 MEDIUM |
| Reactive web applications that use Spring HATEOAS to produce hypermedia-based responses might be exposed to malicious forwarded headers if they are not behind a trusted proxy that ensures correctness of such headers, or if they don't have anything else in place to handle (and possibly discard) forwarded headers either in WebFlux or at the level of the underlying HTTP server. For the application to be affected, it needs to satisfy the following requirements: * It needs to use the reactive web stack (Spring WebFlux) and Spring HATEOAS to create links in hypermedia-based responses. * The application infrastructure does not guard against clients submitting (X-)Forwarded… headers. | |||||
| CVE-2023-32465 | 1 Dell | 1 Powerprotect Cyber Recovery | 2023-06-27 | N/A | 8.8 HIGH |
| Dell Power Protect Cyber Recovery, contains an Authentication Bypass vulnerability. An attacker could potentially exploit this vulnerability, leading to unauthorized admin access to the Cyber Recovery application. Exploitation may lead to complete system takeover by an attacker. | |||||
| CVE-2021-41114 | 1 Typo3 | 1 Typo3 | 2021-10-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that TYPO3 CMS is susceptible to host spoofing due to improper validation of the HTTP Host header. TYPO3 uses the HTTP Host header, for example, to generate absolute URLs during the frontend rendering process. Since the host header itself is provided by the client, it can be forged to any value, even in a name-based virtual hosts environment. This vulnerability is the same as described in TYPO3-CORE-SA-2014-001 (CVE-2014-3941). A regression, introduced during TYPO3 v11 development, led to this situation. The already existing setting $GLOBALS['TYPO3_CONF_VARS']['SYS']['trustedHostsPattern'] (used as an effective mitigation strategy in previous TYPO3 versions) was not evaluated anymore, and reintroduced the vulnerability. | |||||
| CVE-2021-21265 | 1 Octobercms | 1 October | 2021-03-18 | 4.3 MEDIUM | 7.5 HIGH |
| October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October before version 1.1.2, when running on poorly configured servers (i.e. the server routes any request, regardless of the HOST header to an October CMS instance) the potential exists for Host Header Poisoning attacks to succeed. This has been addressed in version 1.1.2 by adding a feature to allow a set of trusted hosts to be specified in the application. As a workaround one may set the configuration setting cms.linkPolicy to force. | |||||
| CVE-2020-6982 | 1 Honeywell | 1 Win-pak | 2020-03-26 | 5.8 MEDIUM | 8.8 HIGH |
| In Honeywell WIN-PAK 4.7.2, Web and prior versions, the header injection vulnerability has been identified, which may allow remote code execution. | |||||
| CVE-2017-6031 | 1 Certec Edv Gmbh | 1 Atvise Scada | 2019-10-09 | 6.8 MEDIUM | 8.8 HIGH |
| A Header Injection issue was discovered in Certec EDV GmbH atvise scada prior to Version 3.0. An "improper neutralization of HTTP headers for scripting syntax" issue has been identified, which may allow remote code execution. | |||||