4.3

CVE-2013-5372

EPSS 1.73%
Veröffentlicht 19.10.2013 10:36:07
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle psirt@us.ibm.com
Teams Watchlist Login
Unerledigt Login

The XML4J parser in IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.7, and 8.0 before 8.0.0.4 and IBM Integration Bus 9.0 before 9.0.0.1 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document that triggers expansion for many entities.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 15

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ibm ≫ Websphere Message Broker Version6.1

Ibm ≫ Websphere Message Broker Version6.1.0.1

Ibm ≫ Websphere Message Broker Version6.1.0.2

Ibm ≫ Websphere Message Broker Version6.1.0.3

Ibm ≫ Websphere Message Broker Version6.1.0.4

Ibm ≫ Websphere Message Broker Version6.1.0.5

Ibm ≫ Websphere Message Broker Version6.1.0.6

Ibm ≫ Websphere Message Broker Version6.1.0.7

Ibm ≫ Websphere Message Broker Version6.1.0.8

Ibm ≫ Websphere Message Broker Version6.1.0.9

Ibm ≫ Websphere Message Broker Version6.1.0.10

Ibm ≫ Websphere Message Broker Version6.1.0.11

Ibm ≫ Websphere Message Broker Version8.0

Ibm ≫ Websphere Message Broker Version8.0.0.1

Ibm ≫ Websphere Message Broker Version8.0.0.2

Ibm ≫ Websphere Message Broker Version8.0.0.3

Ibm ≫ Websphere Message Broker Version7.0.

Ibm ≫ Websphere Message Broker Version7.0.0.1

Ibm ≫ Websphere Message Broker Version7.0.0.2

Ibm ≫ Websphere Message Broker Version7.0.0.3

Ibm ≫ Websphere Message Broker Version7.0.0.4

Ibm ≫ Websphere Message Broker Version7.0.0.5

Ibm ≫ Websphere Message Broker Version7.0.0.6

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.73%	0.817

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:N/A:P

http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html

http://rhn.redhat.com/errata/RHSA-2013-1507.html

http://rhn.redhat.com/errata/RHSA-2013-1508.html

http://rhn.redhat.com/errata/RHSA-2013-1509.html

http://rhn.redhat.com/errata/RHSA-2013-1793.html

http://secunia.com/advisories/56338

http://www-01.ibm.com/support/docview.wss?uid=swg21655201

http://www-01.ibm.com/support/docview.wss?uid=swg1IC96473

http://www-01.ibm.com/support/docview.wss?uid=swg21653087

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21655202

https://exchange.xforce.ibmcloud.com/vulnerabilities/86662

https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013

https://nvd.nist.gov/vuln/detail/CVE-2013-5372

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-5372

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-5372

EUVD