CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-3039

IBM Traveler 8.x and 9.x before 9.0.1.12 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 70.2%

CVSS Severity

CVSS v3 Score 8.1

CVSS v2 Score 8.5

References

http://www-01.ibm.com/support/docview.wss?uid=swg1LO89357
http://www-01.ibm.com/support/docview.wss?uid=swg21985858
http://www.securityfocus.com/bid/91796
http://www-01.ibm.com/support/docview.wss?uid=swg1LO89357
http://www-01.ibm.com/support/docview.wss?uid=swg21985858
http://www.securityfocus.com/bid/91796

Products affected by CVE-2016-3039

Ibm » Traveler » Version: 8.5.3

cpe:2.3:a:ibm:traveler:8.5.3
Ibm » Traveler » Version: 9.0

cpe:2.3:a:ibm:traveler:9.0
Ibm » Traveler » Version: 9.0.1

cpe:2.3:a:ibm:traveler:9.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-3039

Products

Pricing

Contact Us