CVE-2016-0369

2.7LOW

Key Information:

Vendor: IBM
Status: Forms Experience Builder
Vendor: CVE Published:; 21 February 2018

Summary

XML external entity (XXE) vulnerability in IBM Forms Experience Builder 8.5, 8.5.1, and 8.6 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 112088.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/112088

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21988727

x_refsource_CONFIRM

CVSS V3.1

Score:

2.7

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 21, 2018
Vulnerability Reserved
Dec 8, 2015