Executive Summary

Informations
NameCVE-2016-6111First vendor Publication2017-03-31
VendorCveLast vendor Modification2017-04-04

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:C)
Cvss Base Score8.5Attack RangeNetwork
Cvss Impact Score7.8Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

IBM Curam Social Program Management 6.0 and 7.0 are vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 2000833.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6111

CWE : Common Weakness Enumeration

%idName
100 %CWE-611Information Leak Through XML External Entity File Disclosure

CPE : Common Platform Enumeration

TypeDescriptionCount
Application39

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/97244
CONFIRM http://www.ibm.com/support/docview.wss?uid=swg22000833

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2017-04-05 00:21:46
  • Multiple Updates
2017-04-04 09:22:19
  • Multiple Updates
2017-04-01 00:23:11
  • First insertion