VYPR
Unrated severityNVD Advisory· Published Feb 4, 2019· Updated Sep 17, 2024

CVE-2018-1801

CVE-2018-1801

Description

IBM App Connect V11.0.0.0 through V11.0.0.1, IBM Integration Bus V10.0.0.0 through V10.0.0.13, IBM Integration Bus V9.0.0.0 through V9.0.0.10, and WebSphere Message Broker V8.0.0.0 through V8.0.0.9 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to consume memory resources. IBM X-Force ID: 149639.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • IBM/App Connectllm-create
    Range: >=V11.0.0.0 <=V11.0.0.1
  • IBM/Websphere Message Brokerllm-fuzzy2 versions
    >=V8.0.0.0 <=V8.0.0.9+ 1 more
    • (no CPE)range: >=V8.0.0.0 <=V8.0.0.9
    • (no CPE)range: 8.0.0.0
  • IBM/Integration Busllm-fuzzy2 versions
    >=V9.0.0.0 <=V9.0.0.10, >=V10.0.0.0 <=V10.0.0.13+ 1 more
    • (no CPE)range: >=V9.0.0.0 <=V9.0.0.10, >=V10.0.0.0 <=V10.0.0.13
    • (no CPE)range: 9.0.0.0
  • IBM/API Connectcpe-rescue
    Range: 11.0.0.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.