Lucene search
China National Vulnerability DatabaseCNVD-2022-77516HistoryNov 05, 2022 - 12:00 a.m.
IBM InfoSphere Information Server XML External Entity Injection (XXE) Vulnerability
2022-11-0500:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
ibm infosphere information server
data integration platform
xml external entity injection (xxe)
vulnerability
remote attacker
0.002 Low
EPSS
Percentile
60.2%
IBM InfoSphere Information Server is a data integration platform from International Business Machines (IBM), Inc. The platform can be used to integrate data information obtained from various sources.IBM InfoSphere Information Server version 11.7 contains an XML External Entity Injection (XXE) vulnerability, which stems from vulnerability to XML External Entity Injection (XXE) attacks when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm infosphere information server | eq | 11.7 |
Related
cvelist
cvelist
CVE-2022-40747
2022-11-03 00:00:00
prion
prion
Xxe
2022-11-03 20:15:00
ibm
ibm
nvd
nvd
CVE-2022-40747
2022-11-03 20:15:31
cve
cve
CVE-2022-40747
2022-11-03 20:15:31