IBM Business Process Manager 7.5/8.0/8.5 XML Data xml external entity reference

entryeditHistoryDiffjsonxmlCTI

A vulnerability has been found in IBM Business Process Manager 7.5/8.0/8.5 (Business Process Management Software) and classified as critical. Affected by this vulnerability is an unknown code of the component XML Data Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1082014201/14/2021VulD...person_nameSergio Ortega Fernndezsecurityfocus.com01/14/2021accepted70
1082014101/14/2021VulD...cvss2_nvd_basescore7.5nist.gov01/14/2021accepted90
1082014001/14/2021VulD...price_0day$5k-$25ksee documentation01/14/2021accepted90
1082013901/14/2021VulD...xforce130156cve.mitre.org01/14/2021accepted70
714174211/20/2019VulD...securityfocus_classInput Validation Errorsecurityfocus.com11/20/2019accepted100
714174111/20/2019VulD...securityfocus_date1506038400 (09/22/2017)securityfocus.com11/20/2019accepted100
714173311/20/2019VulD...confirm_urlhttp://www.ibm.com/support/docview.wss?uid=swg22007346ibm.com11/20/2019accepted100
714169311/20/2019VulD...discoverydate150629760011/20/2019accepted100
714175509/27/2017VulD...cvss3_nvd_basescore8.1nist.gov09/27/2017accepted90
714175409/27/2017VulD...0day_days109/27/2017accepted90
714175309/27/2017VulD...cvss3_vuldb_rcX09/27/2017accepted90
714175209/27/2017VulD...cvss3_vuldb_rlX09/27/2017accepted90
714175109/27/2017VulD...cvss3_vuldb_eX09/27/2017accepted90
714175009/27/2017VulD...cvss2_vuldb_rcND09/27/2017accepted90
714174909/27/2017VulD...cvss2_vuldb_rlND09/27/2017accepted90
714174809/27/2017VulD...cvss2_vuldb_eND09/27/2017accepted90
714174709/27/2017VulD...locationWebsite09/27/2017accepted90
714174609/27/2017VulD...seealso107170 107169 10716809/27/2017accepted100
714174509/27/2017VulD...qualys_titleIBM Business Process Manager XML External Entity (XXE) injection vulnerability (swg22007346)qualys.com09/27/2017accepted100
714174409/27/2017VulD...qualys_id370606qualys.com09/27/2017accepted100

Might our Artificial Intelligence support you?

Check our Alexa App!