How severe is CVE-2018-11048?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.1 out of 10.

What type of vulnerability is CVE-2018-11048?

This is classified as CWE-611, which is a common weakness in software security.

CVE-2018-11048

HIGH Year: 2018

CVSS v3 Score

8.1

High

CVSS v2 Score

5.5

Medium

Weakness Type

CWE-611

View all →

Vulnerability Description

Dell EMC Data Protection Advisor, versions 6.2, 6,3, 6.4, 6.5 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 contain a XML External Entity (XXE) Injection vulnerability in the REST API. An authenticated remote malicious user could potentially exploit this vulnerability to read certain system files in the server or cause denial of service by supplying specially crafted Document Type Definitions (DTDs) in an XML request.

CVE-2016-3033

HIGH

CVSS:8.1(High)

IBM AppScan Source 8.7 through 9.0.3.3 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via an XML document containing an external entity dec...

CWE-6112016

CVE-2016-3055

HIGH

CVSS:8.1(High)

IBM FileNet Workplace 4.0.2 before 4.0.2.14 LA012 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via an XML document containing an external...

CWE-6112016

CVE-2016-6059

HIGH

CVSS:8.1(High)

IBM InfoSphere Information Server is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerabil...

CWE-6112016

CVE-2016-8974

HIGH

CVSS:8.1(High)

IBM Rhapsody DM 4.0, 5.0 and 6.0 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerabili...

CWE-6112016

CVE-2016-8980

HIGH

CVSS:8.1(High)

IBM BigFix Inventory v9 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to exp...

CWE-6112016

CVE-2016-9698

HIGH

CVSS:8.1(High)

IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerabil...

CWE-6112016

CVE-2018-11048

Vulnerability Description

Related Vulnerabilities

CVE-2016-3033

CVE-2016-3055

CVE-2016-6059

CVE-2016-8974

CVE-2016-8980

CVE-2016-9698