CVE-2018-1474 - OpenCVE

IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting, and possibly obtain sensitive information. IBM X-force ID: 140692.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact None

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Ibm	Bigfix Platform

Configuration 1 [-]

OR	cpe:2.3:a:ibm:bigfix_platform::::::::
	cpe:2.3:a:ibm:bigfix_platform::::::::

References

Link	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/140692	VDB Entry Vendor Advisory
https://www.ibm.com/support/docview.wss?uid=ibm10733605	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: ibm

Published: 2018-12-10T00:00:00

Updated: 2018-12-12T15:57:01

Reserved: 2017-12-13T00:00:00

Link: CVE-2018-1474

JSON object: View

NVD Information

Status : Modified

Published: 2018-12-12T16:29:00.827

Modified: 2020-08-24T17:37:01.140

Link: CVE-2018-1474

JSON object: View

Redhat Information

No data.

CWE

CWE-74

{"containers": {"cna": {"affected": [{"product": "BigFix Platform", "vendor": "IBM", "versions": [{"status": "affected", "version": "9.5.9"}, {"status": "affected", "version": "9.2.0"}, {"status": "affected", "version": "9.2.14"}, {"status": "affected", "version": "9.5.0"}]}], "datePublic": "2018-12-10T00:00:00", "descriptions": [{"lang": "en", "value": "IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting, and possibly obtain sensitive information. IBM X-force ID: 140692."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitCodeMaturity": "UNPROVEN", "integrityImpact": "LOW", "privilegesRequired": "NONE", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "CHANGED", "temporalScore": 5.3, "temporalSeverity": "MEDIUM", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/A:N/AC:L/AV:N/C:L/I:L/PR:N/S:C/UI:R/E:U/RC:C/RL:O", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Gain Access", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-12-12T15:57:01", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.ibm.com/support/docview.wss?uid=ibm10733605"}, {"name": "ibm-bigfix-cve20181474-response-splitting(140692)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140692"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2018-12-10T00:00:00", "ID": "CVE-2018-1474", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "BigFix Platform", "version": {"version_data": [{"version_value": "9.5.9"}, {"version_value": "9.2.0"}, {"version_value": "9.2.14"}, {"version_value": "9.5.0"}]}}]}, "vendor_name": "IBM"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting, and possibly obtain sensitive information. IBM X-force ID: 140692."}]}, "impact": {"cvssv3": {"BM": {"A": "N", "AC": "L", "AV": "N", "C": "L", "I": "L", "PR": "N", "S": "C", "UI": "R"}, "TM": {"E": "U", "RC": "C", "RL": "O"}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Gain Access"}]}]}, "references": {"reference_data": [{"name": "https://www.ibm.com/support/docview.wss?uid=ibm10733605", "refsource": "CONFIRM", "url": "https://www.ibm.com/support/docview.wss?uid=ibm10733605"}, {"name": "ibm-bigfix-cve20181474-response-splitting(140692)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140692"}]}}}}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2018-1474", "datePublished": "2018-12-10T00:00:00", "dateReserved": "2017-12-13T00:00:00", "dateUpdated": "2018-12-12T15:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:bigfix_platform:*:*:*:*:*:*:*:*", "matchCriteriaId": "41250DB2-F886-4105-B7E7-DF9D698C6029", "versionEndIncluding": "9.2.14", "versionStartIncluding": "9.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:bigfix_platform:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB2C8863-EEBD-492B-9DAE-2E5C296B0BCE", "versionEndIncluding": "9.5.9", "versionStartIncluding": "9.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting, and possibly obtain sensitive information. IBM X-force ID: 140692."}, {"lang": "es", "value": "IBM BigFix Platform, desde la versi\u00f3n 9.2.0 hasta la 9.2.14 y desde la 9.5 hasta la 9.5.9 es vulnerable a ataques de separaci\u00f3n de respuesta HTTP, provocados por la validaci\u00f3n incorrecta de entradas proporcionadas por el usuario. Un atacante remoto podr\u00eda explotar esta vulnerabilidad para inyectar cabeceras HTTP arbitrarias y provocar que el servidor devuelva una respuesta dividida una vez que se pincha en la URL. Esto permitir\u00eda que el atacante realice m\u00e1s ataques como el envenenamiento de la memoria cach\u00e9 web, Cross-Site Scripting (XSS) y posiblemente la obtenci\u00f3n de informaci\u00f3n sensible. IBM X-Force ID: 140692."}], "id": "CVE-2018-1474", "lastModified": "2020-08-24T17:37:01.140", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "psirt@us.ibm.com", "type": "Secondary"}]}, "published": "2018-12-12T16:29:00.827", "references": [{"source": "psirt@us.ibm.com", "tags": ["VDB Entry", "Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/140692"}, {"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "https://www.ibm.com/support/docview.wss?uid=ibm10733605"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-74"}], "source": "nvd@nist.gov", "type": "Primary"}]}