EUVD-2018-12380

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

IBM App Connect and Integration Bus versions are vulnerable to XML External Entity Injection attacks

Reporter	Title	Published	Views	Family All 6
CNVD	IBM App Connect, Integration Bus and WebSphere Message Broker XLXP-C Component Denial of Service Vulnerability	1 Feb 201900:00	–	cnvd
CVE	CVE-2018-1801	4 Feb 201921:00	–	cve
Cvelist	CVE-2018-1801	4 Feb 201921:00	–	cvelist
NVD	CVE-2018-1801	4 Feb 201921:29	–	nvd
OSV	CVE-2018-1801	4 Feb 201921:29	–	osv
Prion	Xxe	4 Feb 201921:29	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "141388dd-c38c-381c-94a1-e41594333572",
        "vendor": {
          "name": "IBM"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "27506775-8407-390b-aaa8-c2b01cb2414c",
        "product": {
          "name": "Integration Bus"
        },
        "product_version": "10.0.0.13"
      },
      {
        "id": "3c28cab5-e440-34f7-8d56-3d1835e759ae",
        "product": {
          "name": "WebSphere Message Broker"
        },
        "product_version": "8.0.0.0"
      },
      {
        "id": "6feb9e1f-b462-3eb9-b7c7-b0310f74d8d1",
        "product": {
          "name": "Integration Bus"
        },
        "product_version": "9.0.0.10"
      },
      {
        "id": "76708e1d-e184-3e06-9a0a-6fffb390b3d7",
        "product": {
          "name": "App Connect"
        },
        "product_version": "11.0.0.1"
      },
      {
        "id": "a73bdac8-42cc-399f-a8ad-e7ac0b5fc0a3",
        "product": {
          "name": "App Connect"
        },
        "product_version": "11.0.0.0"
      },
      {
        "id": "c4ac8548-2200-3f96-ab44-1dfdf683fed8",
        "product": {
          "name": "WebSphere Message Broker"
        },
        "product_version": "8.0.0.9"
      },
      {
        "id": "d2f8f678-7bcc-37f8-ac7c-b25cb4f727e7",
        "product": {
          "name": "Integration Bus"
        },
        "product_version": "9.0.0.0"
      },
      {
        "id": "fe197173-b532-393e-85cb-189850a79f6f",
        "product": {
          "name": "Integration Bus"
        },
        "product_version": "10.0.0.0"
      }
    ]
  }
]

Source	Link
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/149639
ibm	www.ibm.com/support/docview.wss
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

5.5Medium risk

Vulners AI Score5.5

CVSS 35.3

CVSS 25

EPSS0.00275