CVE-2018-1549

Name of the Vulnerable Software and Affected Versions IBM Rational Quality Manager versions 5.0 through 5.0.2 IBM Rational Quality Manager versions 6.0 through 6.0.5

Description The issue allows a remote attacker to exploit the system using specially-crafted URLs, leading to HTTP response splitting attacks. Once the URL is clicked, the server returns a split response, enabling the attacker to perform further attacks, such as Web cache poisoning, cross-site scripting, and possibly obtain sensitive information.

Recommendations For IBM Rational Quality Manager versions 5.0 through 5.0.2, update to a version outside of this range to resolve the issue. For IBM Rational Quality Manager versions 6.0 through 6.0.5, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting access to specially-crafted URLs to minimize the risk of exploitation.