Home Unlabelled IBM Security Bulletin: An XML External Entity (XXE) processing vulnerability is exposed in Case Manager administration client (CVE-2018-1844)

IBM Security Bulletin: An XML External Entity (XXE) processing vulnerability is exposed in Case Manager administration client (CVE-2018-1844)

By
Thursday, November 08, 2018
Read
Add Comment

Nov 8, 2018 8:00 am EST

Categorized: High Severity

Share this post:

IBM Case Manager has addressed the following vulnerability. An XML External Entity (XXE) processing vulnerability is exposed in Case Manager administration client with the ability to import solution packaged which are FileNet Deployment Manager exported zip packages. (CVE-2018-1844)

CVE(s): CVE-2018-1844

Affected product(s) and affected version(s):

Affected IBM Case ManagerAffected Versions
IBM Case Manager5.3.X
IBM Case Manager5.2.1
IBM Case Manager5.2.0
IBM Case Manager5.1.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10734193
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/150904



from IBM Product Security Incident Response Team https://ift.tt/2OyTY6D
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us