[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

XML External Entity Injection vulnerability in IBM WebSphere Application Server - CVE-2020-4643 (linux)

ID: oval:org.secpod.oval:def:65712Date: (C)2020-09-28   (M)2022-11-03
Class: VULNERABILITYFamily: unix




The host is installed with WebSphere Application Server Network Deployment 9.x through 9.0.5.5, 8.5.x through 8.5.5.17, 8.0.x through 8.0.0.15 or 7.0.x through 7.0.0.45 and is prone to an XML external entity injection vulnerability. A flaw is present in the application, which fails to handle XML data. Successful exploitation allows remote attacker to disclose sensitive information.

Platform:
Linux
Product:
IBM WebSphere Application Server Network Deployment 7.0
IBM WebSphere Application Server Network Deployment 8.0
IBM WebSphere Application Server Network Deployment 9.0
IBM WebSphere Application Server Network Deployment 8.5
Reference:
CVE-2020-4643
CVE    1
CVE-2020-4643
CPE    5
cpe:/a:ibm:websphere_application_server:8.0
cpe:/a:ibm:websphere_application_server:9.0
cpe:/a:ibm:websphere_application_server:7.0
cpe:/a:ibm:websphere_application_server
...

© SecPod Technologies