High severity7.1NVD Advisory· Published Jun 29, 2016· Updated May 6, 2026

CVE-2015-8698

Description

CA Release Automation (formerly LISA Release Automation) 5.0.2 before 5.0.2-227, 5.5.1 before 5.5.1-1616, 5.5.2 before 5.5.2-434, and 6.1.0 before 6.1.0-1026 allows remote attackers to read arbitrary files or cause a denial of service via a request containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.ca.com/us/support/ca-support-online/product-content/recommended-reading/security-notices/ca20160627-01-security-notice-for-release-automation.aspxnvdVendor Advisory
www.securityfocus.com/bid/91497nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1036193nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.461
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000