PT-2018-4622 · Ibm · Ibm Forms Experience Builder

Publicado

2018-02-21

·

Atualizado

2018-03-17

·

CVE-2016-0369

CVSS v2.0

4.0

Média

VetorAV:N/AC:L/Au:S/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions IBM Forms Experience Builder versions 8.5 through 8.6
Description The issue allows remote authenticated users to obtain sensitive information via crafted XML data, specifically through an XML external entity (XXE) vulnerability.
Recommendations For IBM Forms Experience Builder versions 8.5 through 8.6, update to a version that includes a fix for this issue to prevent exploitation.

Correção

XXE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-611

Identificadores relacionados

CVE-2016-0369

Produtos afetados

Ibm Forms Experience Builder