XML External Entity Vulnerability in IBM Rational Collaborative Lifecycle Management Products
CVE-2015-0112

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Requirements Composer
Vendor: CVE Published:; 7 June 2015

What is CVE-2015-0112?

The vulnerability affects various versions of IBM Rational Collaborative Lifecycle Management products, allowing remote authenticated users to exploit an XML External Entity (XXE) issue. Through this exploitation, attackers can access arbitrary files on the system. The impact of this vulnerability enables unauthorized data exposure, potentially compromising sensitive information within the device's file system.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21957763

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 7, 2015
Vulnerability Reserved
Nov 18, 2014