4.3

CVE-2013-5372

EPSS 1.73%
Veröffentlicht 19.10.2013 10:36:07
Zuletzt bearbeitet 29.04.2026 01:13:23
Quelle psirt@us.ibm.com
CVE-Watchlists
Login
Unerledigt
Login

The XML4J parser in IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.7, and 8.0 before 8.0.0.4 and IBM Integration Bus 9.0 before 9.0.0.1 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document that triggers expansion for many entities.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 15

NVD 23 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ibm ≫ Websphere Message Broker Version6.1

Ibm ≫ Websphere Message Broker Version6.1.0.1

Ibm ≫ Websphere Message Broker Version6.1.0.2

Ibm ≫ Websphere Message Broker Version6.1.0.3

Ibm ≫ Websphere Message Broker Version6.1.0.4

Ibm ≫ Websphere Message Broker Version6.1.0.5

Ibm ≫ Websphere Message Broker Version6.1.0.6

Ibm ≫ Websphere Message Broker Version6.1.0.7

Ibm ≫ Websphere Message Broker Version6.1.0.8

Ibm ≫ Websphere Message Broker Version6.1.0.9

Ibm ≫ Websphere Message Broker Version6.1.0.10

Ibm ≫ Websphere Message Broker Version6.1.0.11

Ibm ≫ Websphere Message Broker Version8.0

Ibm ≫ Websphere Message Broker Version8.0.0.1

Ibm ≫ Websphere Message Broker Version8.0.0.2

Ibm ≫ Websphere Message Broker Version8.0.0.3

Ibm ≫ Websphere Message Broker Version7.0.

Ibm ≫ Websphere Message Broker Version7.0.0.1

Ibm ≫ Websphere Message Broker Version7.0.0.2

Ibm ≫ Websphere Message Broker Version7.0.0.3

Ibm ≫ Websphere Message Broker Version7.0.0.4

Ibm ≫ Websphere Message Broker Version7.0.0.5

Ibm ≫ Websphere Message Broker Version7.0.0.6

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.73%	0.817

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:N/A:P

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html

http://rhn.redhat.com/errata/RHSA-2013-1507.html

http://rhn.redhat.com/errata/RHSA-2013-1508.html

http://rhn.redhat.com/errata/RHSA-2013-1509.html

http://rhn.redhat.com/errata/RHSA-2013-1793.html

http://secunia.com/advisories/56338

http://www-01.ibm.com/support/docview.wss?uid=swg21655201

http://www-01.ibm.com/support/docview.wss?uid=swg1IC96473

http://www-01.ibm.com/support/docview.wss?uid=swg21653087

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21655202

https://exchange.xforce.ibmcloud.com/vulnerabilities/86662

https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013

https://nvd.nist.gov/vuln/detail/CVE-2013-5372

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-5372

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-5372

EUVD