Denial of Service Vulnerability in IBM Curam Social Program Management
CVE-2016-6111

9.1 CRITICAL

Key Information:

Vendor: IBM
CVE Published: 31 March 2017

Summary

The XML External Entity Injection vulnerability in IBM Curam Social Program Management versions 6.0 and 7.0 allows remote attackers to exploit the system through crafted XML data. This flaw may lead to unauthorized access to sensitive information and potential denial of service due to excessive resource consumption. Securing applications against such vulnerabilities is crucial to protect sensitive data and ensure system reliability.

Affected Version(s)

Curam Social Program Management 6.0.4

Curam Social Program Management 6.0.5

Curam Social Program Management 6.0

References

CVSS V3.1

Score: 9.1
Severity: CRITICAL
Confidentiality: High
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
