Security Bulletin: IBM Tivoli Application Dependency Discovery Manager affected by multiple vulnerabilities.
Description

Summary

IBM Tivoli Application Dependency Discovery Manager is vulnerable to denial of service due to multiple vulnerabilities.

Vulnerability Details

**CVEID:** CVE-2023-47143
**DESCRIPTION:** IBM Tivoli Application Dependency Discovery Manager is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking.
CVSS Base score: 6.5
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/270270 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)

**CVEID:** CVE-2023-47144
**DESCRIPTION:** IBM Tivoli Application Dependency Discovery Manager is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/270271 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

**CVEID:** CVE-2023-47142
**DESCRIPTION:** IBM Tivoli Application Dependency Discovery Manager could allow an attacker on the organization's local network to escalate their privileges due to unauthorized API access.
CVSS Base score: 7.5
CVSS Temporal Score: See: …
