IBM Tivoli Application Dependency Discovery Manager (TADDM) is a product in the suite of IT service management solutions from International Business Machines (IBM). The product provides robust automated application mapping and discovery to help administrators understand the structure, state, configuration and change history of business applications. An HTTP header injection vulnerability exists in IBM Tivoli Application Dependency Discovery Manager versions 7.3.0.0 through 7.3.0.10, which stems from a HOST header that does not properly validate input, and can be exploited by an attacker to conduct a variety of attacks on vulnerable systems, including cross-site scripting, cache poisoning, or session hijacking.