Executive Summary

Informations
NameCVE-2018-1658First vendor Publication2019-03-14
VendorCveLast vendor Modification2019-03-15

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:S/C:N/I:P/A:N)
Cvss Base Score3.5Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityMedium
Cvss Expoit Score6.8AuthenticationRequires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 through 6.0.6) is vulnerable to HTTP header injection, caused by improper validation of input. By persuading a victim to visit a specially-crafted Web page, a remote attacker could exploit this vulnerability to inject arbitrary HTTP headers, which will allow the attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 144884.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1658

CWE : Common Weakness Enumeration

%idName
100 %CWE-20Improper Input Validation

CPE : Common Platform Enumeration

TypeDescriptionCount
Application11

Sources (Detail)

SourceUrl
CONFIRM http://www.ibm.com/support/docview.wss?uid=ibm10875340
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/144884

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2019-03-15 17:19:12
  • Multiple Updates
2019-03-15 05:19:17
  • First insertion