IBM Sterling Partner Engagement Manager 6.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 230017.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:LIBM Sterling Partner Engagement Manager
APPIbm6.2.1.02.0 – 6.1.2.6 (bez)6.2.0.0 – 6.2.0.4 (bez)
Powiązane podatności
IBM Sterling Partner Engagement Manager 6.1.0, 6.2.0, 6.2.2 JWT secret is stored in public Helm Charts and is ...
IBM Sterling Partner Engagement Manager 6.1, 6.2, and Cloud 22.2 do not limit the length of a connection which...
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an att...
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 is vulnerable to c...
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow a remo...