IBM Security Key Lifecycle Manager CVE-2017-1666 XML External Entity Injection Vulnerability

Bugtraq ID: 102434
Class: Input Validation Error
CVE: CVE-2017-1666
Remote: Yes
Local: No
Published: Jan 05 2018 12:00AM
Updated: Jan 05 2018 12:00AM
Credit: Ron Craig, Warren Moynihan, Jonathan Fitz-Gerald, John Zuccato, Rodney Ryan, Chris Shepherd and Dmitriy Beryoza.
Vulnerable: IBM Security Key Lifecycle Manager 2.7.0.2
IBM Security Key Lifecycle Manager 2.7.0.0
IBM Security Key Lifecycle Manager 2.7
IBM Security Key Lifecycle Manager 2.6.0.3
IBM Security Key Lifecycle Manager 2.6.0.2
IBM Security Key Lifecycle Manager 2.6.0.1
IBM Security Key Lifecycle Manager 2.6
IBM Security Key Lifecycle Manager 2.5.0.8
IBM Security Key Lifecycle Manager 2.5.0.7
IBM Security Key Lifecycle Manager 2.5.0.1
IBM Security Key Lifecycle Manager 2.5
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus