CVE-2017-1192

Summary

IBM Sterling B2B Integrator 5.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 123663.

Affected Software

VendorProductVersion RangeStatus
IBMSterling B2B Integrator5.2affected
IBMSterling B2B Integrator5.2.4affected
IBMSterling B2B Integrator5.2.1affected
IBMSterling B2B Integrator5.2.2affected
IBMSterling B2B Integrator5.2.3affected
IBMSterling B2B Integrator5.2.5affected
IBMSterling B2B Integrator5.2.6affected

Weaknesses

  • Obtain Information

ADP Enrichment

CVE Program Container

Additional References

References