Description
IBM DevOps Plan 3.0.0 through 3.0.6 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking
Published: 2026-06-11
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

IBM DevOps Plan versions 3.0.0 through 3.0.6 allow HTTP Host header injection because the application does not properly validate or sanitize the HOST header. An attacker can insert malicious content into the header, potentially leading to cross‑site scripting, cache poisoning, or session hijacking against the vulnerable system.

Affected Systems

The affected product is IBM DevOps Plan, specifically versions 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, and 3.0.6. Versions prior to 3.0.0 or any version above 3.0.6 are not affected as per the supplied list.

Risk and Exploitability

The CVSS score of 6.5 indicates a medium severity risk, and the EPSS score is not available, so the exploitation probability cannot be quantified. The vulnerability is not listed in CISA KEV. Likely exploitation requires remote network access to send a crafted HTTP request with a malicious Host header to the IBM DevOps Plan instance. Once accessed, the attacker could inject scripts or manipulate cache entries or hijack sessions, affecting confidentiality, integrity, and availability of the application and its users.

Generated by OpenCVE AI on June 11, 2026 at 20:38 UTC.

Remediation

Vendor Solution

To mitigate the issue please upgrade to IBM DevOps Plan v3.0.7 https://www.ibm.com/support/pages/devops-plan-307


OpenCVE Recommended Actions

  • Apply the vendor‑provided fix by upgrading IBM DevOps Plan to version 3.0.7 or later.
  • Configure your web server or reverse proxy to validate the Host header against an allowed list of domain names or to reject requests with malformed or missing Host headers.
  • If upgrading is delayed, block or strip the Host header at the edge (e.g., using a firewall rule or WAF) to prevent injection attacks.

Generated by OpenCVE AI on June 11, 2026 at 20:38 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 16 Jun 2026 16:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:ibm:devops_plan:*:*:*:*:*:*:*:*

Thu, 11 Jun 2026 17:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 11 Jun 2026 15:30:00 +0000

Type Values Removed Values Added
Description IBM DevOps Plan 3.0.0 through 3.0.6 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking
Title A vulnerability has been identified in IBM DevOps Plan that allows a Host Header Injection attack due to improper handling of the Host header in HTTP requests.
First Time appeared Ibm
Ibm devops Plan
Weaknesses CWE-644
CPEs cpe:2.3:a:ibm:devops_plan:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:devops_plan:3.0.6:*:*:*:*:*:*:*
Vendors & Products Ibm
Ibm devops Plan
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published:

Updated: 2026-06-11T16:52:52.339Z

Reserved: 2026-03-12T23:16:12.318Z

Link: CVE-2026-4096

cve-icon Vulnrichment

Updated: 2026-06-11T16:25:55.376Z

cve-icon NVD

Status : Analyzed

Published: 2026-06-11T16:16:24.140

Modified: 2026-06-16T16:23:39.060

Link: CVE-2026-4096

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-11T20:45:10Z

Weaknesses
  • CWE-644

    Improper Neutralization of HTTP Headers for Scripting Syntax