CWE-644
Improper Neutralization of HTTP Headers for Scripting Syntax
The product does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers, such as Flash.
CVE-2017-6031 (GCVE-0-2017-6031)
Vulnerability from cvelistv5
Published
2017-05-06 00:00
Modified
2024-08-05 15:18
CWE
- CWE-644 - Improper Neutralization of HTTP Headers for Scripting Syntax
Summary
A Header Injection issue was discovered in Certec EDV GmbH atvise scada prior to Version 3.0. An "improper neutralization of HTTP headers for scripting syntax" issue has been identified, which may allow remote code execution.
References
URL | Tags
---|---
https://ics-cert.us-cert.gov/advisories/ICSA-17-096-01A | x_refsource_MISC
http://www.securityfocus.com/bid/97479 | vdb-entry, x_refsource_BID
Impacted products
Vendor | Product | Version
---|---|---
n/a | Certec EDV GmbH atvise scada | Certec EDV GmbH atvise scada
CVE-2020-6982 (GCVE-0-2020-6982)
Vulnerability from cvelistv5
Published
2020-03-24 20:04
Modified
2024-08-04 09:18
CWE
- CWE-644 - IMPROPER NEUTRALIZATION OF HTTP HEADERS FOR SCRIPTING SYNTAX
Summary
In Honeywell WIN-PAK 4.7.2, Web and prior versions, the header injection vulnerability has been identified, which may allow remote code execution.
References
URL | Tags
---|---
https://www.us-cert.gov/ics/advisories/icsa-20-056-05 | x_refsource_MISC
Impacted products
Vendor | Product | Version
---|---|---
n/a | Honeywell WIN-PAK 4.7.2, Web and prior versions | Honeywell WIN-PAK 4.7.2, Web and prior versions
CVE-2021-20784 (GCVE-0-2021-20784)
Vulnerability from cvelistv5
Published
2021-07-14 01:20
Modified
2024-12-03 01:14
Severity
CVSS v3.0 base score 6.1 (MEDIUM), vector CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CWE
- CWE-644 - Improper Neutralization of HTTP Headers for Scripting Syntax
Summary
HTTP header injection vulnerability in Everything version 1.0, 1.1, and 1.2 except the Lite version may allow a remote attacker to inject an arbitrary script or alter the website that uses the product.
References
URL | Tags
---|---
https://www.voidtools.com/downloads/ | x_refsource_MISC
https://www.voidtools.com/ | x_refsource_MISC
https://jvn.jp/en/jp/JVN68971465/index.html | x_refsource_MISC
Impacted products
Vendor | Product | Version
---|---|---
voidtools | Everything | all versions of 1.0 (Everything 1.0 series) except the Lite version
voidtools | Everything | all versions of 1.1 (Everything 1.1 series) except the Lite version
voidtools | Everything | all versions of 1.2 (Everything 1.2 series) except the Lite version
CVE-2021-21265 (GCVE-0-2021-21265)
Vulnerability from cvelistv5
Published
2021-03-10 21:15
Modified
2025-05-29 23:27
Severity
CVSS v3.1 base score 6.8 (MEDIUM), vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
CWE
- CWE-644 - Improper Neutralization of HTTP Headers for Scripting Syntax
Summary
October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October before version 1.1.2, when running on poorly configured servers (i.e. the server routes any request, regardless of the HOST header, to an October CMS instance), the potential exists for Host Header Poisoning attacks to succeed. This has been addressed in version 1.1.2 by adding a feature to allow a set of trusted hosts to be specified in the application. As a workaround one may set the configuration setting cms.linkPolicy to force.
References
URL | Tags
---|---
https://github.com/octobercms/october/security/advisories/GHSA-xhfx-hgmf-v6vp | x_refsource_CONFIRM
https://github.com/octobercms/library/commit/f29865ae3db7a03be7c49294cd93980ec457f10d | x_refsource_MISC
https://github.com/octobercms/library/commit/f86fcbcd066d6f8b939e8fe897409d152b11c3c6 | x_refsource_MISC
https://github.com/octobercms/october/commit/555ab61f2313f45d7d5d138656420ead536c5d30 | x_refsource_MISC
https://github.com/octobercms/october/commit/f638d3f78cfe91d7f6658820f9d5e424306a3db0 | x_refsource_MISC
https://packagist.org/packages/october/backend | x_refsource_MISC
Impacted products
Vendor | Product | Version
---|---|---
octobercms | october | < 1.1.2
CVE-2021-38997 (GCVE-0-2021-38997)
Vulnerability from cvelistv5
Published
2022-12-01 17:00
Modified
2025-04-23 15:11
Severity
CVSS v3.1 base score 5.4 (MEDIUM), vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CISA SSVC (2025-04-23)
Exploitation: none; Automatable: no; Technical Impact: partial
CWE
- CWE-644 - Improper Neutralization of HTTP Headers for Scripting Syntax
Summary
IBM API Connect V10.0.0.0 through V10.0.5.0, V10.0.1.0 through V10.0.1.7, and V2018.4.1.0 through 2018.4.1.19 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 213212.
References
URL | Tags
---|---
https://www.ibm.com/support/pages/node/6842621 | vendor-advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/213212 | vdb-entry
Impacted products
Vendor | Product | Version
---|---|---
IBM | API Connect | 10.0.0.0 ≤ version < 10.0.5.0
IBM | API Connect | 10.0.1.0 ≤ version < 10.0.1.7
IBM | API Connect | 2018.4.1.0 ≤ version < 2018.4.1.19
CVE-2021-41114 (GCVE-0-2021-41114)
Vulnerability from cvelistv5
Published
2021-10-05 17:15
Modified
2024-08-04 02:59
Severity
CVSS v3.1 base score 4.8 (MEDIUM), vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
CWE
- CWE-20 - Improper Input Validation
- CWE-644 - Improper Neutralization of HTTP Headers for Scripting Syntax
Summary
TYPO3 is an open source PHP based web content management system released under the GNU GPL. It has been discovered that TYPO3 CMS is susceptible to host spoofing due to improper validation of the HTTP Host header. TYPO3 uses the HTTP Host header, for example, to generate absolute URLs during the frontend rendering process. Since the host header itself is provided by the client, it can be forged to any value, even in a name-based virtual hosts environment. This vulnerability is the same as described in TYPO3-CORE-SA-2014-001 (CVE-2014-3941). A regression, introduced during TYPO3 v11 development, led to this situation. The already existing setting $GLOBALS['TYPO3_CONF_VARS']['SYS']['trustedHostsPattern'] (used as an effective mitigation strategy in previous TYPO3 versions) was not evaluated anymore, and reintroduced the vulnerability.
References
URL | Tags
---|---
https://github.com/TYPO3/typo3/security/advisories/GHSA-m2jh-fxw4-gphm | x_refsource_CONFIRM
https://github.com/TYPO3/typo3/commit/5cbff85506cebe343e5ae59228977547cf8e3cf4 | x_refsource_MISC
https://typo3.org/security/advisory/typo3-core-sa-2021-015 | x_refsource_MISC
Impacted products
Vendor | Product | Version
---|---|---
TYPO3 | typo3 | >= 11.0.0, < 11.5.0
CVE-2022-22399 (GCVE-0-2022-22399)
Vulnerability from cvelistv5
Published
2024-03-05 19:58
Modified
2024-08-03 03:14
Severity
CVSS v3.1 base score 5.4 (MEDIUM), vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CISA SSVC (2024-03-06)
Exploitation: none; Automatable: no; Technical Impact: partial
CWE
- CWE-644 - Improper Neutralization of HTTP Headers for Scripting Syntax
Summary
IBM Aspera Faspex 5.0.0 and 5.0.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 222562.
References
URL | Tags
---|---
https://www.ibm.com/support/pages/node/6618959 | vendor-advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/222562 | 
Impacted products
Vendor | Product | Version
---|---|---
IBM | Aspera Faspex | 5.0.0, 5.0.1
CVE-2022-34316 (GCVE-0-2022-34316)
Vulnerability from cvelistv5
Published
2022-11-14 18:47
Modified
2025-04-30 15:05
Severity
CVSS v3.1 base score 3.7 (LOW), vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
CISA SSVC (2025-04-30)
Exploitation: none; Automatable: no; Technical Impact: partial
CWE
- CWE-644 - Improper Neutralization of HTTP Headers for Scripting Syntax: the application does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers, such as Flash.
Summary
IBM CICS TX 11.1 does not neutralize or incorrectly neutralizes web scripting syntax in HTTP headers that can be used by web browser components that can process raw headers. IBM X-Force ID: 229452.
References
URL | Tags
---|---
https://www.ibm.com/support/pages/node/6833176 | vendor-advisory
https://www.ibm.com/support/pages/node/6833178 | vendor-advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/229452 | vdb-entry
Impacted products
Vendor | Product | Version
---|---|---
IBM | CICS TX | 11.1
CVE-2022-43847 (GCVE-0-2022-43847)
Vulnerability from cvelistv5
Published
2025-04-14 20:22
Modified
2025-08-15 15:20
CWE
- CWE-644 - Improper Neutralization of HTTP Headers for Scripting Syntax
Summary
IBM Aspera Console 3.4.0 through 3.4.4 is vulnerable to HTTP header injection, caused by improper validation of input in the Host header. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking.
References
Impacted products
Vendor | Product | Version
---|---|---
IBM | Aspera Console | 3.4.0 through 3.4.4 (cpe:2.3:a:ibm:aspera_console:3.4.0:*:*:*:*:*:*:*, cpe:2.3:a:ibm:aspera_console:3.4.4:*:*:*:*:*:*:*)
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2022-43847", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-14T20:51:48.496839Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-14T20:51:54.166Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "cpes": [ "cpe:2.3:a:ibm:aspera_console:3.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:aspera_console:3.4.4:*:*:*:*:*:*:*" ], "defaultStatus": "unaffected", "product": "Aspera Console", "vendor": "IBM", "versions": [ { "lessThanOrEqual": "3.4.4", "status": "affected", "version": "3.4.0", "versionType": "semver" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "IBM Aspera Console 3.4.0 through 3.4.4 \n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eis vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking.\u003c/span\u003e" } ], "value": "IBM Aspera Console 3.4.0 through 3.4.4 \n\nis vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-644", "description": "CWE-644 Improper Neutralization of HTTP Headers for Scripting Syntax", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-08-15T15:20:08.916Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm" }, "references": [ { "tags": [ "vendor-advisory", "patch" ], "url": "https://www.ibm.com/support/pages/node/7169766" } ], "source": { "discovery": "UNKNOWN" }, "title": "IBM Aspera Console HTTP header injection", "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2022-43847", "datePublished": "2025-04-14T20:22:01.813Z", "dateReserved": "2022-10-26T15:46:22.821Z", "dateUpdated": "2025-08-15T15:20:08.916Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-45102 (GCVE-0-2022-45102)
Vulnerability from cvelistv5
Published
2023-02-01 05:11
Modified
2025-03-26 20:06
CWE
- CWE-644 - Improper Neutralization of HTTP Headers for Scripting Syntax
Summary
Dell EMC Data Protection Central, versions 19.1 through 19.7, contains a Host Header Injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary 'Host' header values to poison a web cache or trigger redirections.
References
Impacted products
Vendor | Product | Version
---|---|---
Dell | Data Protection Central | 19.1 through 19.7
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T14:01:31.554Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://www.dell.com/support/kbdoc/en-us/000206329/dsa-2022-348-dell-emc-data-protection-central-security-update-for-proprietary-code-vulnerability" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-45102", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-03-26T20:06:10.109333Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-03-26T20:06:17.266Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Data Protection Central", "vendor": "Dell", "versions": [ { "lessThanOrEqual": "19.7", "status": "affected", "version": "19.1", "versionType": "custom" } ] } ], "datePublic": "2022-12-15T17:00:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\n\n\u003cdiv\u003e\u003cdiv\u003eDell EMC Data Protection Central, versions 19.1 through 19.7, contains a Host Header Injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary \\u2018Host\\u2019 header values to poison a web cache or trigger redirections.\u003c/div\u003e\u003c/div\u003e\n\n" } ], "value": "\nDell EMC Data Protection Central, versions 19.1 through 19.7, contains a Host Header Injection vulnerability. 
A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary \\u2018Host\\u2019 header values to poison a web cache or trigger redirections.\n\n\n\n\n\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-644", "description": "CWE-644: Improper Neutralization of HTTP Headers for Scripting Syntax", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-01T05:11:30.285Z", "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "shortName": "dell" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://www.dell.com/support/kbdoc/en-us/000206329/dsa-2022-348-dell-emc-data-protection-central-security-update-for-proprietary-code-vulnerability" } ], "source": { "discovery": "UNKNOWN" }, "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe", "assignerShortName": "dell", "cveId": "CVE-2022-45102", "datePublished": "2023-02-01T05:11:30.285Z", "dateReserved": "2022-11-09T15:48:33.040Z", "dateUpdated": "2025-03-26T20:06:17.266Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Mitigation
Phase: Architecture and Design
Description:
- Perform output validation in order to filter/escape/encode unsafe data that is being passed from the server in an HTTP response header.
Mitigation
Phase: Architecture and Design
Description:
- Disable script execution functionality in the clients' browser.
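The first mitigation above (output validation of data placed in response headers), as an added example that is not code from any vendor listed on this page: a field-value check that refuses line-splitting octets, and a Host resolver that builds redirect targets from an allowlist rather than from the request's Host header, which is the weak point in the Aspera Console and Data Protection Central records above. The `ALLOWED_HOSTS` set and all inputs are constructed for the example.

```python
import re
from typing import Dict, Optional
from urllib.parse import quote

# Hosts this deployment legitimately serves (constructed allowlist for the example).
ALLOWED_HOSTS = frozenset({"console.example.test", "console.example.test:8443"})

# Octets permitted in an HTTP field value: HTAB, SP and visible ASCII. CR, LF and NUL
# are excluded, so a value can neither terminate the header line nor start a new one.
_FIELD_VALUE = re.compile(r"[\t\x20-\x7e]*")
# Conservative host form: DNS-style name with an optional numeric port.
_HOST = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9.-]{0,251}[A-Za-z0-9])?(?::\d{1,5})?")


class HeaderInjectionError(ValueError):
    """Raised when a value cannot safely be placed in an HTTP response header."""


def safe_header_value(value: str) -> str:
    """Reject, rather than repair, any value carrying octets outside the field-value set."""
    if _FIELD_VALUE.fullmatch(value) is None:
        raise HeaderInjectionError(f"illegal octets in header value: {value!r}")
    return value.strip()


def select_host(request_host: Optional[str]) -> str:
    """Resolve the host for absolute URLs from the allowlist, never from the raw Host header."""
    if request_host is None or _HOST.fullmatch(request_host) is None:
        raise HeaderInjectionError("malformed or missing Host header")
    host = request_host.lower()
    if host not in ALLOWED_HOSTS:
        raise HeaderInjectionError(f"Host {request_host!r} is not served here")
    return host


def build_redirect(request_host: Optional[str], path: str) -> Dict[str, str]:
    """Build Location from an allowlisted host and a percent-encoded, same-origin path."""
    host = select_host(request_host)
    if not path.startswith("/") or path.startswith("//"):
        path = "/"  # refuse scheme-relative or external targets
    location = f"https://{host}{quote(path, safe='/?=&%')}"
    # no-store keeps a poisoned response out of shared caches if a check is ever bypassed
    return {"Location": safe_header_value(location), "Cache-Control": "no-store"}
```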
No CAPEC attack patterns related to this CWE.