CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-7400

The Lotus Mashups component in IBM Mashup Center 3.0.0.1 allows remote authenticated users to cause a denial of service (CPU consumption) via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 72.5%

CVSS Severity

CVSS v3 Score 7.7

CVSS v2 Score 6.8

References

http://www-01.ibm.com/support/docview.wss?uid=swg1IT12268
http://www-01.ibm.com/support/docview.wss?uid=swg21970392
http://www.securityfocus.com/bid/77986
http://www.securitytracker.com/id/1035319
http://www-01.ibm.com/support/docview.wss?uid=swg1IT12268
http://www-01.ibm.com/support/docview.wss?uid=swg21970392
http://www.securityfocus.com/bid/77986
http://www.securitytracker.com/id/1035319

Products affected by CVE-2015-7400

Ibm » Mashups Center » Version: 3.0.0.1

cpe:2.3:a:ibm:mashups_center:3.0.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-7400

Products

Pricing

Contact Us