IBM Security Access Manager Products CVE-2016-3027 XML External Entity Injection Vulnerability

Bugtraq ID: 96127
Class: Input Validation Error
CVE: CVE-2016-3027
Remote: Yes
Local: No
Published: Dec 14 2016 12:00AM
Updated: Mar 07 2017 05:02AM
Credit: IBM X-Force Ethical Hacking Team: Paul Ionescu, Warren Moynihan, Jonathan Fitz-Gerald, John Zuccato, Rodney Ryan, Chris Shepherd, Dmitryi Beryoza.
Vulnerable: IBM Security Access Manager for Web 8.0.1
IBM Security Access Manager for Web 8.0 2
IBM Security Access Manager for Web 8.0.1.3
IBM Security Access Manager for Web 8.0.1.2
IBM Security Access Manager for Web 8.0.1.1
IBM Security Access Manager for Web 8.0.1.0
IBM Security Access Manager for Web 8.0.0.5
IBM Security Access Manager for Web 8.0.0.4
IBM Security Access Manager for Web 8.0.0.0
IBM Security Access Manager for Web 8.0
IBM Security Access Manager for Mobile 8.0.1
IBM Security Access Manager for Mobile 8.0.1.3
IBM Security Access Manager for Mobile 8.0.1.2
IBM Security Access Manager for Mobile 8.0.1.1
IBM Security Access Manager for Mobile 8.0.0.5
IBM Security Access Manager for Mobile 8.0.0.4
IBM Security Access Manager for Mobile 8.0.0.2
IBM Security Access Manager for Mobile 8.0.0.1
IBM Security Access Manager for Mobile 8.0.0.0
IBM Security Access Manager for Mobile 8.0
IBM Security Access Manager 9.0.1.0
IBM Security Access Manager 9.0.0.1
IBM Security Access Manager 9.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus