Unrated severityNVD Advisory· Published Feb 4, 2019· Updated Sep 17, 2024
CVE-2018-1801
CVE-2018-1801
Description
IBM App Connect V11.0.0.0 through V11.0.0.1, IBM Integration Bus V10.0.0.0 through V10.0.0.13, IBM Integration Bus V9.0.0.0 through V9.0.0.10, and WebSphere Message Broker V8.0.0.0 through V8.0.0.9 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to consume memory resources. IBM X-Force ID: 149639.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6- Range: >=V11.0.0.0 <=V11.0.0.1
>=V8.0.0.0 <=V8.0.0.9+ 1 more
- (no CPE)range: >=V8.0.0.0 <=V8.0.0.9
- (no CPE)range: 8.0.0.0
>=V9.0.0.0 <=V9.0.0.10, >=V10.0.0.0 <=V10.0.0.13+ 1 more
- (no CPE)range: >=V9.0.0.0 <=V9.0.0.10, >=V10.0.0.0 <=V10.0.0.13
- (no CPE)range: 9.0.0.0
- Range: 11.0.0.0
Patches
Vulnerability mechanics
References
2- www.ibm.com/support/docview.wssmitrex_refsource_CONFIRM
- exchange.xforce.ibmcloud.com/vulnerabilities/149639mitrevdb-entryx_refsource_XF
News mentions
0No linked articles in our index yet.