CVE-2018-1588

🗓️ 25 Sep 2018 16:00:00Reported by ibmType

IBM Jazz Foundation XML External Entity Injection vulnerability in versions 5.0-5.02 and 6.0-6.0.6

Reporter	Title	Published	Views	Family All 7
IBM Security Bulletins	Security Bulletin: Multiple Security vulnerabilities affect Rational Engineering Lifecycle Manager	31 Oct 201816:45	–	ibm
CNVD	IBM Jazz Foundation XML External Entity Injection Vulnerability	27 Sep 201800:00	–	cnvd
Cvelist	CVE-2018-1588	25 Sep 201816:00	–	cvelist
EUVD	EUVD-2018-12167	7 Oct 202500:30	–	euvd
NVD	CVE-2018-1588	25 Sep 201815:29	–	nvd
OSV	CVE-2018-1588	25 Sep 201815:29	–	osv
Prion	Xxe	25 Sep 201815:29	–	prion

NVD

Vulners

Node

ibm rational_engineering_lifecycle_managerRange5.0–5.0.2

ibm rational_engineering_lifecycle_managerRange6.0–6.0.6

[
  {
    "product": "Rational Engineering Lifecycle Manager",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "5.0"
      },
      {
        "status": "affected",
        "version": "6.0"
      },
      {
        "status": "affected",
        "version": "6.0.1"
      },
      {
        "status": "affected",
        "version": "6.0.2"
      },
      {
        "status": "affected",
        "version": "6.0.3"
      },
      {
        "status": "affected",
        "version": "6.0.4"
      },
      {
        "status": "affected",
        "version": "6.0.5"
      },
      {
        "status": "affected",
        "version": "6.0.6"
      },
      {
        "status": "affected",
        "version": "5.01"
      },
      {
        "status": "affected",
        "version": "5.02"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/docview.wss
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/143501

21 Nov 2024 04:00Current

6.8Medium risk

Vulners AI Score6.8

CVSS 25.5

CVSS 37.1

EPSS0.00341

CWE-611