2 matches found
CVE-2016-5971
IBM Security Privileged Identity Manager ISPIM Virtual Appliance 2.x before 2.0.2 FP8 allows remote authenticated users to read arbitrary files or cause a denial of service memory consumption via an XML document containing an external entity declaration in conjunction with an entity reference,...
CVE-2016-5971
IBM Security Privileged Identity Manager Virtual Appliance 2.x prior to 2.0.2 FP8 is affected by an XXE issue in XML processing that allows a remote authenticated user to read arbitrary files or cause memory exhaustion. The vulnerability is tied to XML External Entity processing in ISPIM Virtual ...