Vulnerability Description
IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 270270.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Tivoli Application Dependency Discovery Manager | >= 7.3.0.0, < 7.3.0.11 |
Related Weaknesses (CWE)
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/270270VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/7105139Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/270270VDB EntryVendor Advisory
- https://www.ibm.com/support/pages/node/7105139Vendor Advisory
FAQ
What is CVE-2023-47143?
CVE-2023-47143 is a vulnerability with a CVSS score of 10.0 (CRITICAL). IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an at...
How severe is CVE-2023-47143?
CVE-2023-47143 has been rated CRITICAL with a CVSS base score of 10.0/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-47143?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Tivoli Application Dependency Discovery Manager.