CVE-2017-1322

Name of the Vulnerable Software and Affected Versions IBM API Connect version 5.0.6.0

Description The issue allows a remote attacker to perform an XML External Entity Injection (XXE) attack when the software processes XML data. This could lead to the exposure of highly sensitive information or the consumption of memory resources.

Recommendations For IBM API Connect version 5.0.6.0, consider disabling XML processing or restricting access to sensitive data until a fix is available. As a temporary workaround, restrict the use of XML external entities to minimize the risk of exploitation.