Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
IBM i improper HTTP header neutralization
Vulnerability Description
IBM i 7.3, 7.4, 7.5, and 7.5 is vulnerable to a host header injection attack caused by improper neutralization of HTTP header content by IBM Navigator for i. An authenticated user can manipulate the host header in HTTP requests to change domain/IP address which may lead to unexpected behavior.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Vulnerability Type
对HTTP头部进行脚本语法转义处理不恰当
Vulnerability Title
IBM i 安全漏洞
Vulnerability Description
IBM i是美国国际商业机器(IBM)公司的一套运行在IBM Power Systems和IBM PureSystems中的操作系统。 IBM i存在安全漏洞,该漏洞源于HTTP头内容中和不当,可能导致主机头注入攻击。以下版本受到影响: 7.3版本、7.4版本和7.5版本。
CVSS Information
N/A
Vulnerability Type
N/A