CVE-2015-7400

Name of the Vulnerable Software and Affected Versions IBM Mashup Center version 3.0.0.1

Description The issue allows remote authenticated users to cause a denial of service, specifically CPU consumption, by utilizing an XML external entity declaration in conjunction with an entity reference. This is related to an XML External Entity (XXE) issue.

Recommendations For IBM Mashup Center version 3.0.0.1, consider disabling the XML external entity processing to prevent exploitation until a patch is available. Restrict access to the Lotus Mashups component to minimize the risk of denial of service attacks.