2 matches found
CVE-2018-1970
CVE-2018-1970 affects IBM Security Identity Manager 7.0.1, where XML External Entity (XXE) processing vulnerability exists when handling XML data. The underling issue is improper XML parsing that allows an attacker to disclose sensitive information or exhaust memory resources. Affected product: I...
Security Bulletin: IBM Security Identity Manager is affected by multiple vulnerabilities (CVE-2018-1959, CVE-2018-1962, CVE-2018-1970)
Summary IBM Security Identity Manager VA ISIM VA has addressed the following vulnerabilities due to hard-coded credentials, the lack of proper session termination, and XML external entity injection. Vulnerability Details CVEID: CVE-2018-1959 DESCRIPTION: IBM Security Identity Manager Virtual...