Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
IBM webMethods Integration Sever XML external entity injection
Vulnerability Description
IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote authenticated attacker could exploit this vulnerability to execute arbitrary commands.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
XML外部实体引用的不恰当限制(XXE)
Vulnerability Title
IBM webMethods Integration 代码问题漏洞
Vulnerability Description
IBM webMethods Integration是美国国际商业机器(IBM)公司的一个混合的企业 iPaaS。 IBM webMethods Integration Server 10.5版本、10.7版本、10.11版本和10.15版本存在代码问题漏洞,该漏洞源于XML外部实体注入漏洞,可能导致执行任意命令。
CVSS Information
N/A
Vulnerability Type
N/A