XML External Entity Vulnerability in IBM Rational Collaborative Lifecycle Management Products
CVE-2015-0112

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Requirements Composer
Vendor: CVE Published:; 7 June 2015

Summary

The vulnerability affects various versions of IBM Rational Collaborative Lifecycle Management products, allowing remote authenticated users to exploit an XML External Entity (XXE) issue. Through this exploitation, attackers can access arbitrary files on the system. The impact of this vulnerability enables unauthorized data exposure, potentially compromising sensitive information within the device's file system.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21957763

x_refsource_CONFIRM

Timeline

Vulnerability published
Jun 7, 2015
Vulnerability Reserved
Nov 18, 2014