Описание
IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to XML external entity injection, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 78291.
Ссылки
- Broken Link
- VDB EntryVendor Advisory
- Broken Link
- VDB EntryVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ibm:infosphere_guardium:8.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_guardium:8.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_guardium:8.2:*:*:*:*:*:*:*
EPSS
Процентиль: 42%
0.002
Низкий
4.3 Medium
CVSS3
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-776
Связанные уязвимости
github
почти 4 года назад
IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to XML external entity injection, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 78291.
EPSS
Процентиль: 42%
0.002
Низкий
4.3 Medium
CVSS3
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-776