2 matches found
Security Bulletin: XML External Entity Injection (XXE) attack Affects IBM Partner Engagement Manager (CVE-2022-34348)
Summary IBM Sterling Partner Engagement Manager is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. Vulnerability Details CVEID:CVE-2022-34348...
CVE-2022-34348
IBM Sterling Partner Engagement Manager (PEM) v6.1 is affected by CVE-2022-34348, a XML External Entity (XXE) processing vulnerability. The issue arises when PEM processes XML data, enabling a remote attacker to access sensitive information or exhaust memory resources. The IBM security bulletin l...