Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
IBM Security Directory Server external entity injection
Vulnerability Description
IBM Security Directory Server 6.4.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 228505.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
Vulnerability Type
XML注入(XPath盲注)
Vulnerability Title
IBM Security Directory Server 代码问题漏洞
Vulnerability Description
IBM Security Directory Server是美国国际商业机器(IBM)公司的一套使用了轻量级目录访问协议(LDAP)的企业身份管理软件。该软件提供一个可信的身份数据基础架构,用于身份验证。 IBM Security Directory Server 6.4.0 版本存在安全漏洞,该漏洞源于处理 XML 数据时容易受到 XML 外部实体注入 (XXE) 攻击。
CVSS Information
N/A
Vulnerability Type
N/A