IBM Security Identity Manager CVE-2018-2019 XML External Entity Injection Vulnerability

Bugtraq ID: 106657
Class: Input Validation Error
CVE: CVE-2018-2019
Remote: Yes
Local: No
Published: Jan 10 2019 12:00AM
Updated: Jan 10 2019 12:00AM
Credit: Warren Moynihan, Jonathan Fitz-Gerald, John Zuccato, Rodney Ryan, Chris Shepherd and Dmitriy Beryoza from IBM X-Force Ethical Hacking Team.
Vulnerable: IBM Security Identity Manager 6.0 2
IBM Security Identity Manager 6.0 0
IBM Security Identity Manager 6.0.0.6
IBM Security Identity Manager 6.0.0.5
IBM Security Identity Manager 6.0.0.4
IBM Security Identity Manager 6.0.0.3
IBM Security Identity Manager 6.0.0.20
IBM Security Identity Manager 6.0.0.19
IBM Security Identity Manager 6.0.0.18
IBM Security Identity Manager 6.0.0.14
IBM Security Identity Manager 6.0.0.10
IBM Security Identity Manager 6.0.0.1
IBM Security Identity Manager 6.0.0
Not Vulnerable: IBM Security Identity Manager 6.0.0.21


 

Privacy Statement
Copyright 2010, SecurityFocus