CVE-2019-4461 - OpenCVE

IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 is vulnerable to HTTP Response Splitting caused by improper caching of content. This would allow the attacker to perform further attacks, such as Web Cache poisoning, cross-site scripting and possibly obtain sensitive information. IBM X-Force ID: 163682.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:M/Au:S/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Ibm	Cloud Orchestrator

Configuration 1 [-]

OR	cpe:2.3:a:ibm:cloud_orchestrator:::::-:::*
	cpe:2.3:a:ibm:cloud_orchestrator:::::enterprise:::*
	cpe:2.3:a:ibm:cloud_orchestrator:::::-:::*
	cpe:2.3:a:ibm:cloud_orchestrator:::::enterprise:::*

References

Link	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/163682	VDB Entry Vendor Advisory
https://www.ibm.com/support/pages/node/1072684	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: ibm

Published: 2019-10-23T00:00:00

Updated: 2019-10-25T16:30:37

Reserved: 2019-01-03T00:00:00

Link: CVE-2019-4461

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-10-25T17:15:11.710

Modified: 2020-08-24T17:37:01.140

Link: CVE-2019-4461

JSON object: View

Redhat Information

No data.

CWE

CWE-74

{"containers": {"cna": {"affected": [{"product": "Cloud Orchestrator", "vendor": "IBM", "versions": [{"status": "affected", "version": "2.4"}, {"status": "affected", "version": "2.4.0.1"}, {"status": "affected", "version": "2.4.0.2"}, {"status": "affected", "version": "2.5"}, {"status": "affected", "version": "2.5.0.1"}, {"status": "affected", "version": "2.4.0.3"}, {"status": "affected", "version": "2.5.0.2"}, {"status": "affected", "version": "2.4.0.4"}, {"status": "affected", "version": "2.5.0.3"}, {"status": "affected", "version": "2.5.0.4"}, {"status": "affected", "version": "2.4.0.5"}, {"status": "affected", "version": "2.5.0.5"}, {"status": "affected", "version": "2.5.0.6"}, {"status": "affected", "version": "2.5.0.7"}, {"status": "affected", "version": "2.5.0.8"}, {"status": "affected", "version": "2.5.0.9"}]}], "datePublic": "2019-10-23T00:00:00", "descriptions": [{"lang": "en", "value": "IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 is vulnerable to HTTP Response Splitting caused by improper caching of content. This would allow the attacker to perform further attacks, such as Web Cache poisoning, cross-site scripting and possibly obtain sensitive information. IBM X-Force ID: 163682."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitCodeMaturity": "UNPROVEN", "integrityImpact": "LOW", "privilegesRequired": "LOW", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "CHANGED", "temporalScore": 4.7, "temporalSeverity": "MEDIUM", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/I:L/PR:L/S:C/C:L/A:N/UI:R/E:U/RL:O/RC:C", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Gain Access", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-10-25T16:30:37", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.ibm.com/support/pages/node/1072684"}, {"name": "ibm-co-cve20194461-response-splitting (163682)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/163682"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2019-10-23T00:00:00", "ID": "CVE-2019-4461", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cloud Orchestrator", "version": {"version_data": [{"version_value": "2.4"}, {"version_value": "2.4.0.1"}, {"version_value": "2.4.0.2"}, {"version_value": "2.5"}, {"version_value": "2.5.0.1"}, {"version_value": "2.4.0.3"}, {"version_value": "2.5.0.2"}, {"version_value": "2.4.0.4"}, {"version_value": "2.5.0.3"}, {"version_value": "2.5.0.4"}, {"version_value": "2.4.0.5"}, {"version_value": "2.5.0.5"}, {"version_value": "2.5.0.6"}, {"version_value": "2.5.0.7"}, {"version_value": "2.5.0.8"}, {"version_value": "2.5.0.9"}]}}]}, "vendor_name": "IBM"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 is vulnerable to HTTP Response Splitting caused by improper caching of content. This would allow the attacker to perform further attacks, such as Web Cache poisoning, cross-site scripting and possibly obtain sensitive information. IBM X-Force ID: 163682."}]}, "impact": {"cvssv3": {"BM": {"A": "N", "AC": "L", "AV": "N", "C": "L", "I": "L", "PR": "L", "S": "C", "UI": "R"}, "TM": {"E": "U", "RC": "C", "RL": "O"}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Gain Access"}]}]}, "references": {"reference_data": [{"name": "https://www.ibm.com/support/pages/node/1072684", "refsource": "CONFIRM", "title": "IBM Security Bulletin 1072684 (Cloud Orchestrator)", "url": "https://www.ibm.com/support/pages/node/1072684"}, {"name": "ibm-co-cve20194461-response-splitting (163682)", "refsource": "XF", "title": "X-Force Vulnerability Report", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/163682"}]}}}}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2019-4461", "datePublished": "2019-10-23T00:00:00", "dateReserved": "2019-01-03T00:00:00", "dateUpdated": "2019-10-25T16:30:37", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:cloud_orchestrator:*:*:*:*:-:*:*:*", "matchCriteriaId": "C122C107-AD04-48A7-8C95-9907063E45F8", "versionEndIncluding": "2.4.0.5", "versionStartIncluding": "2.4.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:cloud_orchestrator:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "A033CBB2-4F3C-43D9-A0C4-E0DDFB4EE702", "versionEndIncluding": "2.4.0.5", "versionStartIncluding": "2.4.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:cloud_orchestrator:*:*:*:*:-:*:*:*", "matchCriteriaId": "E61F3D16-BB6E-4FA4-A3C2-A05F3C613C8A", "versionEndIncluding": "2.5.0.9", "versionStartIncluding": "2.5.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:cloud_orchestrator:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "6661F2D4-F106-4FA9-B40D-CDD562FCAE91", "versionEndIncluding": "2.5.0.9", "versionStartIncluding": "2.5.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 is vulnerable to HTTP Response Splitting caused by improper caching of content. This would allow the attacker to perform further attacks, such as Web Cache poisoning, cross-site scripting and possibly obtain sensitive information. IBM X-Force ID: 163682."}, {"lang": "es", "value": "IBM Cloud Orchestrator versiones 2.4 hasta 2.4.0.5 y versiones 2.5 hasta 2.5.0.9, es vulnerable a una Divisi\u00f3n de Respuesta HTTP causada por el almacenamiento en cach\u00e9 inapropiado del contenido. Esto permitir\u00eda al atacante realizar futuros ataques, como envenenamiento de la memoria Cach\u00e9 Web, un cross-site scripting y posiblemente obtener informaci\u00f3n confidencial. ID de IBM X-Force: 163682."}], "id": "CVE-2019-4461", "lastModified": "2020-08-24T17:37:01.140", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "psirt@us.ibm.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-10-25T17:15:11.710", "references": [{"source": "psirt@us.ibm.com", "tags": ["VDB Entry", "Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/163682"}, {"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "https://www.ibm.com/support/pages/node/1072684"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-74"}], "source": "nvd@nist.gov", "type": "Primary"}]}