漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
HCL BigFix Service Management (SM) is susceptible to HTTP Request Smuggling
Vulnerability Description
HCL BigFix Service Management is susceptible to HTTP Request Smuggling. HTTP request smuggling vulnerabilities arise when websites route HTTP requests through web servers with inconsistent HTTP parsing. HTTP Smuggling exploits inconsistencies in request parsing between front-end and back-end servers, allowing attackers to bypass security controls and perform attacks like cache poisoning or request hijacking.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
HTTP请求的解释不一致性(HTTP请求私运)
Vulnerability Title
HCL BigFix Service Management 安全漏洞
Vulnerability Description
HCL BigFix Service Management是印度HCL公司的一款IT服务管理与资产运营平台。 HCL BigFix Service Management存在安全漏洞,该漏洞源于HTTP请求夹带,可能导致攻击者绕过安全控制,执行缓存投毒或请求劫持等攻击。
CVSS Information
N/A
Vulnerability Type
N/A