CVE-2018-1364
published 2018-01-29CVE-2018-1364: IBM Content Navigator 2.0 and 3.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this…
high8.2CVSS 3.0
AVNACLPRNUINSUCHINAL
IBM Content Navigator 2.0 and 3.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 137449.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | content_navigator | — | — |
| ibm | content_navigator | — | — |
| ibm | content_navigator | — | — |
| ibm | content_navigator | — | — |
| ibm | content_navigator | — | — |
| ibm | content_navigator | — | — |