SymmetricalDataSecurity: IBM Security Bulletin: IBM Security Access Manager appliances are affected by an XML External Entity vulnerability (CVE-2016-2908)

Tuesday, January 3, 2017

IBM Security Bulletin: IBM Security Access Manager appliances are affected by an XML External Entity vulnerability (CVE-2016-2908)

IBM Security Access Manager could allow a remote attacker to obtain sensitive information, caused by a XML external entity (XXE) error when processing XML data by the XML parser.

CVE(s): CVE-2016-2908

Affected product(s) and affected version(s):

IBM Security Access Manager for Web 8.0 appliances, all firmware versions.

IBM Security Access Manager for Mobile 8.0 appliances, all firmware versions.

IBM Security Access Manager 9.0 appliances, all firmware versions.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2iLmHGD
X-Force Database: http://ift.tt/2hNvg7n

from IBM Product Security Incident Response Team http://ift.tt/2iLktqR

SymmetricalDataSecurity

Tuesday, January 3, 2017

IBM Security Bulletin: IBM Security Access Manager appliances are affected by an XML External Entity vulnerability (CVE-2016-2908)

No comments:

Post a Comment

Blog Archive

Search This Blog

Total Pageviews