4 matches found
Security Bulletin: IBM Engineering Requirements Management DOORS Next is vulnerable to Xml Entity Injection (CVE-2024-39726)
Summary IBM Engineering Requirements Management DOORS Next is vulnerable to Xml Entity Injection CVE-2024-39726. Vulnerability Details CVEID:CVE-2024-39726 DESCRIPTION: IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 is vulnerable to an XML External Entity Injection...
CVE-2024-39726 IBM Engineering Insights XML external entity injection
IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...
CVE-2024-39726
Summary: IBM Engineering Lifecycle Optimization – Engineering Insights vulnerable to XML External Entity Injection (XXE). Affected: DOORS Next/ENI components 7.0.2 and 7.0.3 (and 7.1.0 per bulletin) processing XML data. Root cause: improper handling of XML entities leading to potential data expos...
Security Bulletin: IBM Engineering Lifecycle Optimization - Engineering Insights is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.
Summary IBM Engineering Lifecycle Optimization - Engineering Insights ENI is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. In XML parsers, when XML...