2 matches found
Security Bulletin: Multiple Security vulnerabilities affect Rational Engineering Lifecycle Manager
Summary Rational Engineering Lifecycle Manager is vulnerable to multiple security vulnerabilities. Vulnerability Details CVEID: CVE-2018-1588 DESCRIPTION: IBM Jazz Foundation is vulnerable to a XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this...
CVE-2018-1588
The CVE-2018-1588 entry concerns IBM Jazz Foundation (IBM Rational Engineering Lifecycle Manager 5.0–5.0.2 and 6.0–6.0.6) with a XML External Entity (XXE) vulnerability when processing XML data. Underlying issue: XXE allow remote attackers to exfiltrate sensitive information or consume memory res...