Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2016-8980

Published: 01/02/2017 Updated: 13/02/2017
CVSS v2 Base Score: 7.5 | Impact Score: 7.8 | Exploitability Score: 8
CVSS v3 Base Score: 8.1 | Impact Score: 5.2 | Exploitability Score: 2.8
VMScore: 668
Vector: AV:N/AC:L/Au:S/C:P/I:N/A:C
Subscribe to License Metric Tool

Vulnerability Summary

IBM BigFix Inventory v9 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

ibm license_metric_tool 9.2.0

ibm bigfix inventory 9.2

References

CWE-611http://www.ibm.com/support/docview.wss?uid=swg21995013http://www.securityfocus.com/bid/95141https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryptionCVE-2024-4331CVE-2024-26925arbitrary codeCVE-2006-4304CVE-2024-25458CVE-2024-27077reflected XSSCVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook