CVE-2019-4186

IBM Jazz for Service Management 1.1.3 is vulnerable to HTTP header injection, caused by incorrect trust in the HTTP Host header during caching. By sending a specially crafted HTTP GET request, a remote attacker could exploit this vulnerability to inject arbitrary HTTP headers, which will allow the attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-force ID: 158976.

CVSS v3 6.1 MEDIUM
CVSS v2.0 4.3 MEDIUM

6.1^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/158976	VDB Entry Vendor Advisory
https://supportcontent.ibm.com/support/pages/node/1071966	Permissions Required
https://exchange.xforce.ibmcloud.com/vulnerabilities/158976	VDB Entry Vendor Advisory
https://supportcontent.ibm.com/support/pages/node/1071966	Permissions Required

Configurations

Configuration 1 (hide)

cpe:2.3:a:ibm:jazz_for_service_management:1.1.3:*:*:*:*:*:*:*

History

21 Nov 2024, 04:43

Type	Values Removed	Values Added
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/158976 - VDB Entry, Vendor Advisory~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/158976 - VDB Entry, Vendor Advisory
References	~~() https://supportcontent.ibm.com/support/pages/node/1071966 - Permissions Required~~	() https://supportcontent.ibm.com/support/pages/node/1071966 - Permissions Required

Information

Published : 2019-09-05 15:15

Updated : 2024-11-21 04:43

NVD link : CVE-2019-4186

Mitre link : CVE-2019-4186

CVE.ORG link : CVE-2019-4186

JSON object : View

Products Affected

ibm

jazz_for_service_management

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2019-4186", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Secondary", "source": "psirt@us.ibm.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2019-09-05T15:15:12.970", "references": [{"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158976", "tags": ["VDB Entry", "Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://supportcontent.ibm.com/support/pages/node/1071966", "tags": ["Permissions Required"], "source": "psirt@us.ibm.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/158976", "tags": ["VDB Entry", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://supportcontent.ibm.com/support/pages/node/1071966", "tags": ["Permissions Required"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "IBM Jazz for Service Management 1.1.3 is vulnerable to HTTP header injection, caused by incorrect trust in the HTTP Host header during caching. By sending a specially crafted HTTP GET request, a remote attacker could exploit this vulnerability to inject arbitrary HTTP headers, which will allow the attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-force ID: 158976."}, {"lang": "es", "value": "Jazz for Service Management de IBM versi\u00f3n 1.1.3 es vulnerable a la inyecci\u00f3n de cabeceras HTTP causado por una confianza incorrecta en el encabezado HTTP Host durante el almacenamiento en cach\u00e9. Al enviar una solicitud HTTP GET especialmente dise\u00f1ada, un atacante remoto podr\u00eda aprovechar esta vulnerabilidad para inyectar encabezados HTTP arbitrarios, lo que permitir\u00e1 al atacante realizar varios ataques contra el sistema vulnerable, incluyendo secuencias de comandos entre sitios, envenenamiento de cach\u00e9 o secuestro de sesi\u00f3n. ID de IBM X-force: 158976."}], "lastModified": "2024-11-21T04:43:17.840", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:jazz_for_service_management:1.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4D61491-0785-4193-A828-2177AFB81380"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}