3 matches found
CVE-2016-6898
XML external entity XXE vulnerability in the Hyper Management Module HMM in Huawei E9000 rack servers with software before V100R001C00SPC296 allows remote authenticated users to read arbitrary files or cause a denial of service web service outage via a crafted XML document...
CVE-2016-6898
CVE-2016-6898 affects Huawei E9000 rack servers’ Hyper Management Module (HMM). A XML External Entity (XXE) vulnerability exists in user-supplied XML documents, allowing remote authenticated users to read arbitrary files or cause a web service denial of service. Impact is described as partial con...
Code injection
IBM Curam Social Program Management SPM 5.2 before SP6 EP6, 6.0 SP2 before EP26, 6.0.4 before 6.0.4.6, and 6.0.5 before 6.0.5.6 requires failed-login handling for web-service accounts to have the same lockout policy as for standard user accounts, which makes it easier for remote attackers to caus...