IBM Cloud Pak for Automation is an intelligent software platform for building automation applications in cloud environments from IBM USA. The platform uses pre-integrated automation technologies and low-code tools to design, build, and run automation applications and services on any cloud.A security vulnerability exists in IBM Cloud Pak for Automation 21.0.1 and 21.0.2 - Business Automation Studio components, which stems from the input of the HOST header improper validation of the HOST header. A remote attacker could use this vulnerability to inject a specially crafted HTTP HOST header to conduct a variety of attacks on vulnerable systems, including cross-site scripting, cache poisoning, or session hijacking.
CPE | Name | Operator | Version |
---|---|---|---|
ibm cloud pak for automation | eq | 21.0.1 | |
ibm cloud pak for automation | eq | 21.0.2 |