← back
CVE-2018-1821

CVE-2018-1821

CVSS 7.1 HIGHEPSS 15.8%
IBM Operational Decision Management 8.5, 8.6, 8.7, 8.8, and 8.9 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 150170.
CVSS:3.0/A:L/AC:L/AV:N/C:H/I:N/PR:L/S:U/UI:N/E:U/RC:C/RL:O
Affected products
IBM · Operational Decision Management
public PoCs found2
cve_referencewww.exploit-db.com/exploits/46017/unverifiedexploitdbwww.exploit-db.com/exploits/46017unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://exchange.xforce.ibmcloud.com/vulnerabilities/150170https://www.exploit-db.com/exploits/46017/https://www.ibm.com/support/docview.wss?uid=ibm10744149http://www.securityfocus.com/bid/106325