漏洞概要

缺陷编号:
CVE-2017-1192

漏洞标题:
CVE-2017-1192

提交时间:
08/10/2017

危害等级:

相关厂商:

漏洞分类:
漏洞公布

关注度:
共 6 人关注

漏洞详情

Description

IBM Sterling B2B Integrator 5.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 123663.

Source: 
MITRE
    
Last Modified: 
08/10/2017

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because
they may have information that would be of interest to you. No inferences should be drawn on account of other sites
being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose.
NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further,
NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about
this page to nvd@nist.gov.

Hyperlink Resource Type Source Name
http://www.ibm.com/support/docview.wss?uid=swg22004267 External Source CONFIRM http://www.ibm.com/support/docview.wss?uid=swg22004267
https://exchange.xforce.ibmcloud.com/vulnerabilities/123663 External Source MISC https://exchange.xforce.ibmcloud.com/vulnerabilities/123663

发表评论

电子邮件地址不会被公开。 必填项已用*标注