CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-0250

XML external entity (XXE) vulnerability in IBM InfoSphere Information Governance Catalog 11.3 before 11.3.1.2 and 11.5 before 11.5.0.1 allows remote authenticated users to read arbitrary files or cause a denial of service via crafted XML data. IBM X-Force ID: 110510.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 48.9%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 5.5

References

Products affected by CVE-2016-0250

Ibm » Infosphere Information Server » Version: 11.3

cpe:2.3:a:ibm:infosphere_information_server:11.3
Ibm » Infosphere Information Server » Version: 11.3.0

cpe:2.3:a:ibm:infosphere_information_server:11.3.0
Ibm » Infosphere Information Server » Version: 11.3.1

cpe:2.3:a:ibm:infosphere_information_server:11.3.1
Ibm » Infosphere Information Server » Version: 11.3.1.0

cpe:2.3:a:ibm:infosphere_information_server:11.3.1.0
Ibm » Infosphere Information Server » Version: 11.3.1.1

cpe:2.3:a:ibm:infosphere_information_server:11.3.1.1
Ibm » Infosphere Information Server » Version: 11.5

cpe:2.3:a:ibm:infosphere_information_server:11.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-0250

Products

Pricing

Contact Us