SymmetricalDataSecurity: IBM Security Bulletin: FileNet Content Management Interoperability Services (CMIS), which ships with IBM Content Navigator, is affected by the ability to parse untrusted XML input containing a reference to an external entity

Wednesday, July 11, 2018

IBM Security Bulletin: FileNet Content Management Interoperability Services (CMIS), which ships with IBM Content Navigator, is affected by the ability to parse untrusted XML input containing a reference to an external entity

Jul 11, 2018 9:00 am EDT

Share this post:

FileNet Content Management Interoperability Services (CMIS), which ships with IBM Content Navigator, is affected by the following vulnerability: Ability to process untrusted XML input containing a reference to an external entity that is parsed by a weekly configured XML parser.

CVE(s): CVE-2018-1364

Affected product(s) and affected version(s):

IBM Content Navigator 2.0.3.8
IBM Content Navigator 3.0.2
IBM Content Navigator 3.0.3

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg22017354
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137449

from IBM Product Security Incident Response Team https://ift.tt/2u7dGiH

SymmetricalDataSecurity

Wednesday, July 11, 2018

IBM Security Bulletin: FileNet Content Management Interoperability Services (CMIS), which ships with IBM Content Navigator, is affected by the ability to parse untrusted XML input containing a reference to an external entity

No comments:

Post a Comment

Blog Archive

Search This Blog

Total Pageviews