Description

IBM Team Concert (RTC) is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM X-Force ID: 120665.

Remediation

References

CVE-2017-1103

Related Vulnerabilities

MySQL CVE-2018-3123 Vulnerability (CVE-2018-3123)

Joomla! Core Security Bypass (2.5.0 - 3.8.7)

MySQL CVE-2020-14550 Vulnerability (CVE-2020-14550)

Jenkins Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2017-1000393)

WordPress Plugin Login by Auth0 Cross-Site Scripting (3.11.2)

Severity

High

Classification

CVE-2017-1103 CWE-611 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Tags

Missing Update Known Vulnerabilities