CVE-2018-1542

IBM FileNet Content Manager, IBM Content Foundation, and IBM Case Foundation Administration Console for Content Platform Engine (ACCE) 5.2.1 and 5.5.0 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 142597.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:filenet_content_manager:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:filenet_content_manager:5.5.0:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:ibm:content_foundation:5.5.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:content_foundation:5.2.1:*:*:*:*:*:*:*

Information

Published : 2018-07-06 07:29

Updated : 2019-10-09 16:38


NVD link : CVE-2018-1542

Mitre link : CVE-2018-1542


JSON object : View

CWE
CWE-611

Improper Restriction of XML External Entity Reference

Advertisement

dedicated server usa

Products Affected

ibm

  • content_foundation
  • filenet_content_manager