Lucene search
K

4 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/02/28 3:44 p.m.10 views

Security Bulletin: IBM Engineering Requirements Management DOORS Next is vulnerable to Xml Entity Injection (CVE-2024-39726)

Summary IBM Engineering Requirements Management DOORS Next is vulnerable to Xml Entity Injection CVE-2024-39726. Vulnerability Details CVEID:CVE-2024-39726 DESCRIPTION: IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 is vulnerable to an XML External Entity Injection...

8.2CVSS7AI score0.00679EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2024/11/15 4:13 p.m.21 views

CVE-2024-39726 IBM Engineering Insights XML external entity injection

IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources...

8.2CVSS0.00679EPSS
Exploits0References1
CVE
CVE
added 2024/11/15 4:13 p.m.57 views

CVE-2024-39726

Summary: IBM Engineering Lifecycle Optimization – Engineering Insights vulnerable to XML External Entity Injection (XXE). Affected: DOORS Next/ENI components 7.0.2 and 7.0.3 (and 7.1.0 per bulletin) processing XML data. Root cause: improper handling of XML entities leading to potential data expos...

8.2CVSS8.2AI score0.00679EPSS
Exploits0References1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/11/15 1:50 p.m.14 views

Security Bulletin: IBM Engineering Lifecycle Optimization - Engineering Insights is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.

Summary IBM Engineering Lifecycle Optimization - Engineering Insights ENI is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. In XML parsers, when XML...

8.2CVSS6.8AI score0.00679EPSS
Exploits0Affected Software1
Rows per page
Query Builder