XML External Entity Vulnerability in IBM WebSphere Commerce
CVE-2015-0133

Currently unrated

Key Information:

Vendor

IBM
Status
Websphere Commerce
Vendor
CVE Published:
13 March 2015

What is CVE-2015-0133?

An XML External Entity (XXE) vulnerability exists in IBM WebSphere Commerce versions from Feature Pack 4 through Feature Pack 8, allowing remote attackers to exploit XML external entity declarations. This exploitation can lead to unauthorized access to and reading of sensitive files on the server, and may result in the potential for gaining administrative privileges, thus compromising the security of the affected systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id/1031881
vdb-entryx_refsource_SECTRACK
http://www-01.ibm.com/support/docview.wss?uid=swg1JR52499
vendor-advisoryx_refsource_AIXAPAR
http://www-01.ibm.com/support/docview.wss?uid=swg21696242
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.