#VU8422 XXE attack in IBM InfoSphere Information Server for Cloud

Published: 2017-09-13

Vulnerability identifier: #VU8422

Vulnerability risk: Low

CVSSv3.1: 7.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L/E:U/RL:W/RC:C]

CVE-ID: CVE-2017-1383


Exploitation vector: Network

Exploit availability: No

Vulnerable software:
IBM InfoSphere Information Server for Cloud
Server applications / Other server solutions

Vendor: IBM Corporation

The vulnerability allows a remote attacker to conduct XXE attack.

The weakness exists in the encryption library due to improper handling of XML External Entity (XXE) entries when parsing an XML file. A remote attacker can send manipulated XML data and gain access to arbitrary data or consume memory resources.

Successful exploitation of the vulnerability results in information disclosure.

Workarounds are available on vendor's website.

Vulnerable software versions

IBM InfoSphere Information Server for Cloud: 9.1 - 11.5

External links

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability