The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would cause the request to be sent to a completely different domain/IP address.
History

Fri, 06 Dec 2024 17:15:00 +0000

Type Values Removed Values Added
First Time appeared Hcltech
Hcltech hcl Nomad
CPEs cpe:2.3:a:hcltech:hcl_nomad:*:*:*:*:*:-:*:*
Vendors & Products Hcltech
Hcltech hcl Nomad
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 06 Dec 2024 16:15:00 +0000

Type Values Removed Values Added
Description The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would cause the request to be sent to a completely different domain/IP address.
Title HCL Nomad server on Domino is affected by a host header injection vulnerability
Weaknesses CWE-644
References
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: HCL

Published: 2024-12-06T15:57:41.869Z

Updated: 2024-12-06T17:01:53.834Z

Reserved: 2024-03-22T23:57:23.589Z

Link: CVE-2024-30129

cve-icon Vulnrichment

Updated: 2024-12-06T17:01:50.607Z

cve-icon NVD

Status : Received

Published: 2024-12-06T16:15:20.777

Modified: 2024-12-06T16:15:20.777

Link: CVE-2024-30129

cve-icon Redhat

No data.