XML External Entity Parsing Vulnerability in IBM InfoSphere Master Data Management
CVE-2015-1909

Currently unrated

Key Information:

Vendor: IBM
Status: Infosphere Master Data Management Server
Vendor: CVE Published:; 25 May 2015

Summary

The XML parser in the Reference Data Management component of IBM InfoSphere Master Data Management allows remote attackers to exploit an XML External Entity (XXE) vulnerability. This flaw can enable unauthorized individuals to read arbitrary files from the server, potentially leading to administrative access and significant data exposure. It is crucial for users to apply patches or updates to mitigate this risk and protect sensitive information.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21700754

x_refsource_CONFIRM

Timeline

Vulnerability published
May 25, 2015
Vulnerability Reserved
Feb 19, 2015