VYPR
Unrated severityNVD Advisory· Published Dec 7, 2018· Updated Sep 16, 2024

CVE-2018-1920

CVE-2018-1920

Description

IBM Marketing Platform 9.1.0, 9.1.2 and 10.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 152855.

Affected products

2
  • IBM/Marketing Platformllm-fuzzy2 versions
    = 9.1.0, 9.1.2, 10.1+ 1 more
    • (no CPE)range: = 9.1.0, 9.1.2, 10.1
    • (no CPE)range: 9.1.2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.