Vulnerability Details CVE-2016-6059
IBM InfoSphere Information Server is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.4%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 7.5
References
Products affected by CVE-2016-6059
-
cpe:2.3:a:ibm:infosphere_datastage:11.3
-
cpe:2.3:a:ibm:infosphere_datastage:11.3.1
-
cpe:2.3:a:ibm:infosphere_datastage:11.5
-
cpe:2.3:a:ibm:infosphere_information_server:11.3
-
cpe:2.3:a:ibm:infosphere_information_server:11.3.1
-
cpe:2.3:a:ibm:infosphere_information_server:11.5
-
cpe:2.3:a:ibm:infosphere_information_server_on_cloud:11.5