CVE-2018-1821

Name of the Vulnerable Software and Affected Versions IBM Operational Decision Management versions 8.5 through 8.9

Description The issue allows a remote attacker to exploit the system through a XML External Entity Injection (XXE) attack when processing XML data, potentially exposing sensitive information or consuming memory resources.

Recommendations For IBM Operational Decision Management versions 8.5 through 8.9, update to a version that includes a fix for this issue to prevent XXE attacks. As a temporary workaround, consider restricting XML data processing to minimize the risk of exploitation.