IBM Connections XXE Vulnerability: Denial of Service via Crafted XML Data

IBM Connections XXE Vulnerability: Denial of Service via Crafted XML Data

CVE-2015-7461 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:N/A:P

XML external entity (XXE) vulnerability in IBM Connections 3.0.1.1 and earlier, 4.0, 4.5, and 5.0 before CR4 allows remote authenticated users to cause a denial of service (memory consumption) via crafted XML data. IBM X-Force ID: 108357.

Learn more about our Cis Benchmark Audit For Ibm I.