What is CVE-2018-1474?

CVE-2018-1474 is a medium-severity vulnerability in Ibm Bigfix Platform. CVSS score: 6.1/10. Published 2018-12-12.

How severe is CVE-2018-1474?

Medium severity. CVSS v3 base score is 6.1 out of 10.

Vulnerability in Ibm Bigfix Platform

CVE-2018-1474

IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary H…

EPSS: 0.002 (40.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.1 (Medium). Vector: CVSS:3.0/A:N/AC:L/AV:N/C:L/I:L/PR:N/S:C/UI:R/E:U/RC:C/RL:O.

Affected products

Ibm Bigfix Platform — versions 9.2.14, 9.5.9, 9.5.0

References

www.ibm.com/support/docview.wss (x_refsource_CONFIRM)
ibm-bigfix-cve20181474-response-splitting(140692) (vdb-entry, x_refsource_XF)

Frequently asked questions

What is CVE-2018-1474?: CVE-2018-1474 is a medium-severity vulnerability in Ibm Bigfix Platform. CVSS score: 6.1/10. Published 2018-12-12.
How severe is CVE-2018-1474?: Medium severity. CVSS v3 base score is 6.1 out of 10.