Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IBM Cloud Pak for Automation 21.0.1 and 21.0.2 - Business Automation Studio Component is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to inject HTTP HOST header, which will allow the attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 206228.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Cloud Pak for Automation 安全漏洞
Vulnerability Description
IBM Cloud Pak for Automation是美国IBM公司的一个应用于云环境中用于构建自动化应用的智能软件平台。该平台使用预先集成的自动化技术和低代码工具,在任何云上设计、构建和运行自动化应用与服务。 IBM Cloud Pak for Automation 21.0.1 和 21.0.2 - Business Automation Studio 组件存在安全漏洞,该漏洞源于 HOST 标头的输入验证不当。远程攻击者可以利用此漏洞注入特制的 HTTP HOST 标头,从而对易受攻击的系统进行
CVSS Information
N/A
Vulnerability Type
N/A