Xxe

2019-07-3014:15:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.7%

JSON

IBM Daeja ViewONE Professional, Standard & Virtual 5.0.5 and 5.0.6 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 163620.

CPENameOperatorVersion
daeja_viewonege5.0
daeja_viewonele5.0.6
daeja_viewonege5.0
daeja_viewonele5.0.6
daeja_viewonege5.0
daeja_viewonele5.0.6

Name	Operator	Version
daeja_viewone	ge	5.0
daeja_viewone	le	5.0.6
daeja_viewone	ge	5.0
daeja_viewone	le	5.0.6
daeja_viewone	ge	5.0
daeja_viewone	le	5.0.6

References

exchange.xforce.ibmcloud.com/vulnerabilities/163620

www.ibm.com/support/docview.wss?uid=ibm10959177