Denial of Service Vulnerability in IBM WebSphere Cast Iron Solution
CVE-2016-9691

8.6HIGH

Key Information:

Vendor: IBM
Status: Websphere Cast Iron Cloud Integration
Vendor: CVE Published:; 5 May 2017

What is CVE-2016-9691?

The IBM WebSphere Cast Iron Solution versions 7.0.0 and 7.5.0.0 are susceptible to a denial of service through an XML External Entity Injection flaw. This vulnerability arises during the processing of XML data and can be exploited by a remote attacker. Such exploitation may lead to the disclosure of sensitive information or result in significant resource consumption, potentially crippling system performance.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

WebSphere Cast Iron Cloud integration 7.0.0. 7.5.0.0

References

http://www.securityfocus.com/bid/98338

vdb-entryx_refsource_BID

http://www.ibm.com/support/docview.wss?uid=swg21998014

x_refsource_CONFIRM

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 5, 2017
Vulnerability Reserved
Dec 1, 2016

JSON

IBM