IBM Cloud Private CVE-2018-1943 Host Header Injection Vulnerability

IBM Cloud Private is prone to a host header-injection vulnerability because it fails to properly validate an HTTP request header.

A successful attack may allow attackers to insert a crafted host header to navigate the victim to the attacker's domain.

IBM Cloud Private versions 3.1.0 and 3.1.1 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus