IBM Business Process Manager CVE-2017-1527 XML External Entity Injection Vulnerability

IBM Business Process Manager is prone to an XML External Entity injection vulnerability.

Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service condition.

The following versions are vulnerable:

Business Process Manager V7.5.0.0 through V7.5.1.2
Business Process Manager V8.0.0.0 through V8.0.1.3
Business Process Manager V8.5.0.0 through V8.5.0.2
Business Process Manager V8.5.5.0
Business Process Manager V8.5.6.0 through V8.5.6.0 CF2
Business Process Manager V8.5.7.0 through V8.5.7.0 Cumulative Fix 2017.06


 

Privacy Statement
Copyright 2010, SecurityFocus