漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
IBM Maximo Asset Management 7.6.1.1 and 7.6.1.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to inject HTTP HOST header, which will allow the attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 205680.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Maximo Asset Management 安全漏洞
Vulnerability Description
IBM Maximo Asset Management是美国IBM公司的一套综合性资产生命周期和维护管理解决方案。该方案能够在一个平台上管理所有类型的资产,如设施、交通运输等,并对这些资产实现单点控制。 IBM Maximo Asset Management 7.6.1.1 版本和 7.6.1.2 版本存在安全漏洞,该漏洞源于对 HOST 标头的输入验证不正确,导致容易受到 HTTP 标头注入的攻击。远程攻击者通过发送特制的 HTTP 请求可以利用此漏洞注入 HTTP HOST 标头,这将允许攻击者对易受
CVSS Information
N/A
Vulnerability Type
N/A