CVE-2016-9707

Summary

IBM Jazz Foundation is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 2000784.

Affected Software

VendorProductVersion RangeStatus
IBM CorporationRational Collaborative Lifecycle Management3.0.1affected
IBM CorporationRational Collaborative Lifecycle Management4.0affected
IBM CorporationRational Collaborative Lifecycle Management3.0.1.6affected
IBM CorporationRational Collaborative Lifecycle Management4.0.1affected
IBM CorporationRational Collaborative Lifecycle Management4.0.2affected
IBM CorporationRational Collaborative Lifecycle Management4.0.3affected
IBM CorporationRational Collaborative Lifecycle Management4.0.4affected
IBM CorporationRational Collaborative Lifecycle Management4.0.5affected
IBM CorporationRational Collaborative Lifecycle Management4.0.6affected
IBM CorporationRational Collaborative Lifecycle Management5.0affected
IBM CorporationRational Collaborative Lifecycle Management4.0.7affected
IBM CorporationRational Collaborative Lifecycle Management5.0.1affected
IBM CorporationRational Collaborative Lifecycle Management5.0.2affected
IBM CorporationRational Collaborative Lifecycle Management6.0affected
IBM CorporationRational Collaborative Lifecycle Management6.0.1affected
IBM CorporationRational Collaborative Lifecycle Management6.0.2affected
IBM CorporationRational Collaborative Lifecycle Management6.0.3affected

Weaknesses

  • Obtain Information

ADP Enrichment

CVE Program Container

Additional References

References