CVE-2018-1588

Name of the Vulnerable Software and Affected Versions IBM Jazz Foundation versions 5.0 through 5.02 IBM Jazz Foundation versions 6.0 through 6.0.6

Description The issue allows a remote attacker to exploit the vulnerability to expose sensitive information or consume memory resources through a XML External Entity Injection (XXE) attack when processing XML data.

Recommendations For versions 5.0 through 5.02, update to a version outside of this range to mitigate the risk. For versions 6.0 through 6.0.6, update to a version outside of this range to mitigate the risk. As a temporary workaround, consider restricting the processing of external XML entities to minimize the risk of exploitation.