2 matches found
CVE-2018-1846
IBM Rational Engineering Lifecycle Manager (RELM) versions 5.0–5.0.2 and 6.0–6.0.6 are affected by a XML External Entity (XXE) vulnerability in XML data processing. A remote attacker could disclose sensitive information or exhaust memory Resources. A fix is available: upgrade to RELM 6.0.6 with i...
Security Bulletin: Security vulnerability affects Rational Engineering Lifecycle Manager
Summary Rational Engineering Lifecycle Manager is affected by a potential security vulnerability Vulnerability Details CVEID: CVE-2018-1846 DESCRIPTION: IBM RELM is vulnerable to a XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerabilit...