Xxe

2019-04-0214:29:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.7%

JSON

IBM Sterling B2B Integrator Standard Edition 5.2.0 snf 6.0.0.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 156239.

CPENameOperatorVersion
sterling_b2b_integratoreq6.0.0.0
sterling_b2b_integratorge5.2
sterling_b2b_integratorle5.2.6.4

Name	Operator	Version
sterling_b2b_integrator	eq	6.0.0.0
sterling_b2b_integrator	ge	5.2
sterling_b2b_integrator	le	5.2.6.4

References

www.securityfocus.com/bid/107778

exchange.xforce.ibmcloud.com/vulnerabilities/156239

www.ibm.com/support/docview.wss?uid=ibm10874238