4 matches found
Security Bulletin: IBM Transformation Extender Advanced is Potentially Vulnerable to an XML External Entity (XXE) Injection in its REST API.
Summary IBM 10x framework used by IBM Transformation Extender Advanced REST API is vulnerable to XXE injection. The vulnerability was reported by IBM Financial Transaction Manager for ACH Services for Multi-Platform which also uses the IBM 10x framework. Vulnerability Details CVEID: CVE-2017-1758...
Security Bulletin: 10x Vulnerability in IBM Control Center Could Allow Potential XML External Entity (XXE) Injection
Summary IBM Control Center has addressed the following vulnerability: A potential XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. Vulnerability Details CVEID:...
Security Bulletin: Financial Transaction Manager for ACH Services and Corporate Payment Services has a potential XML External Entity vulnerability (CVE-2017-1758)
Summary Financial Transaction Manager FTM for ACH Services and FTM for Corporate Payment Services CPS has addressed a potential XML External Entity vulnerability. For some web services, if the request is intercepted and modified, the XML payload could take advantage of XML External Entity Injecti...
CVE-2017-1758
CVE-2017-1758 is an XML External Entity Injection (XXE) vulnerability affecting IBM Financial Transaction Manager for ACH Services for Multi-Platform and related IBM products (Control Center, Transformation Extender Advanced) per IBM advisories. Connected documents enumerate affected software and...