Denial of Service Vulnerability in IBM Curam Social Program Management
CVE-2016-6111
9.1 CRITICAL
Summary
IBM Curam Social Program Management versions 6.0 and 7.0 contain an XML External Entity (XXE) injection vulnerability that remote attackers can trigger by submitting crafted XML data. This flaw may lead to unauthorized access to sensitive information and potential denial of service due to excessive resource consumption. Securing applications against such vulnerabilities is crucial to protect sensitive data and ensure system reliability.
Affected Version(s)
Curam Social Program Management 6.0.4
Curam Social Program Management 6.0.5
Curam Social Program Management 6.0
CVSS V3.1
Score: 9.1
Severity: CRITICAL
Confidentiality: High
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved