CVE-2018-1727

Name of the Vulnerable Software and Affected Versions IBM InfoSphere Information Server versions 9.1, 11.3, 11.5, 11.7

Description The issue allows a remote attacker to exploit the vulnerability to expose sensitive information or consume memory resources through a XML External Entity Injection (XXE) attack when processing XML data.

Recommendations For versions 9.1, 11.3, 11.5, 11.7, update to a version that includes a fix for this issue to prevent XXE attacks. As a temporary workaround, consider restricting XML data processing to minimize the risk of exploitation.