CVE-2016-9691

Name of the Vulnerable Software and Affected Versions IBM WebSphere Cast Iron Solution versions 7.0.0 through 7.5.0.0

Description The issue is caused by an XML External Entity Injection (XXE) error when processing XML data, which could allow a remote attacker to expose highly sensitive information or consume all available memory resources, resulting in a denial of service.

Recommendations For versions 7.0.0 through 7.5.0.0, consider disabling XML processing or restricting access to sensitive data until a patch is available. Restrict access to memory resources to minimize the risk of exploitation.