CVE-2017-1149

IBM UrbanCode Deploy (UCD) 6.0, 6.1, and 6.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM X-Force ID: 122202.
References
Link Resource
http://www.ibm.com/support/docview.wss?uid=swg2C1000289 Vendor Advisory
http://www.securityfocus.com/bid/98026 Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:urbancode_deploy:6.0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.0.1.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.0.1.9:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.1.1.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.1.1.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.2.0.201:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.0.1.10:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.0.1.11:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.0.1.8:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.0.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.0.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.0.1.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.0.1.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.0.1.13:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.0.1.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.0.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.0.1.12:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.1.1.8:*:*:*:*:*:*:*
cpe:2.3:a:ibm:urbancode_deploy:6.1.1.6:*:*:*:*:*:*:*

Information

Published : 2017-04-25 11:59

Updated : 2017-05-05 05:51


NVD link : CVE-2017-1149

Mitre link : CVE-2017-1149


JSON object : View

CWE
CWE-611

Improper Restriction of XML External Entity Reference

Advertisement

dedicated server usa

Products Affected

ibm

  • urbancode_deploy