CVE-2013-5372

Name of the Vulnerable Software and Affected Versions IBM WebSphere Message Broker versions 6.1 through 6.1.0.12 IBM WebSphere Message Broker versions 7.0 through 7.0.0.7 IBM WebSphere Message Broker versions 8.0 through 8.0.0.4 IBM Integration Bus versions 9.0 through 9.0.0.1

Description The issue allows remote attackers to cause a denial of service, resulting in memory consumption, via a crafted XML document that triggers expansion for many entities. This could result in a complete availability impact on the affected system.

Recommendations For IBM WebSphere Message Broker version 6.1, update to version 6.1.0.12 or later. For IBM WebSphere Message Broker version 7.0, update to version 7.0.0.7 or later. For IBM WebSphere Message Broker version 8.0, update to version 8.0.0.4 or later. For IBM Integration Bus version 9.0, update to version 9.0.0.1 or later.