12 matches found
Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Security Guardium Key Lifecycle Manager (SKLM/GKLM) (CVE-2024-45072)
Summary WebSphere Application Server is shipped as a component of IBM Security Guardium Key Lifecycle Manager SKLM/GKLM. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulleti...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is used by IBM Rational ClearQuest (CVE-2024-45072)
Summary IBM WebSphere Application Server WAS is used by IBM Rational ClearQuest server and web components. Information about security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes sectio...
Security Bulletin: Maximo Asset Management- A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2024-45072)
Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Industry Solutions including Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities, Maximo Adapter for Primavera,...
Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is vulnerable to an XML External Entity Injection (XXE) vulnerability (CVE-2024-45072)
Summary IBM WebSphere Application Server shipped with Jazz for Service Management JazzSM is vulnerable to an XML External Entity Injection XXE in the administrative console. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Version...
Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to an XML External Entity Injection (XXE) vulnerability (CVE-2024-45072)
Summary IBM WebSphere Application Server, which is bundled with IBM WebSphere Hybrid Edition, is vulnerable to an XML External Entity Injection XXE in the administrative console. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...
Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics installed IBM WebSphere Application Server traditional is vulnerable to an XML External Entity Injection (XXE) vulnerability (CVE-2024-45072).
Summary The security issue described in CVE-2024-45072 has been identified in the WebSphere Application Server included as part of IBM Tivoli Composite Application Manager for Application Diagnostics. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...
Security Bulletin: IBM Master Data Management is vulnerable to an XXE attack from a vulnerability found in IBM WebSphere Application Server (CVE-2024-45072)
Summary IBM Master Data Management v11.6, v12.0, and v14.0 are vulnerable to an XXE attack from a vulnerability found in IBM WebSphere Application Server. IBM WebSphere Application Server is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A privileged user coul...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with WebSphere Service Registry and Repository (CVE-2024-45072)
Summary WebSphere Application Server is shipped as a component of WebSphere Service Registry and Repository. Information about an XML External Entity Injection XXE attack vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details Refer to...
Security Bulletin: IBM WebSphere Application Server is vulnerable to an XML External Entity Injection (XXE) vulnerability (CVE-2024-45072)
Summary IBM WebSphere Application Server is vulnerable to an XML External Entity Injection XXE in the administrative console. Vulnerability Details CVEID:CVE-2024-45072 DESCRIPTION: IBM WebSphere Application Server is vulnerable to an XML External Entity Injection XXE attack when processing XML...
CVE-2024-45072
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A privileged user could exploit this vulnerability to expose sensitive information or consume memory resources...
CVE-2024-45072 IBM WebSphere Application Server XML external entity injection
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A privileged user could exploit this vulnerability to expose sensitive information or consume memory resources...
CVE-2024-45072 IBM WebSphere Application Server XML external entity injection
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A privileged user could exploit this vulnerability to expose sensitive information or consume memory resources...