CVE-2021-22498

HIGH Year: 2021
CVSS v3 Score
8.1
High
CVSS v2 Score
5.5
Medium
Weakness Type
CWE-611
View all →

Vulnerability Description

XML External Entity Injection vulnerability in Micro Focus Application Lifecycle Management (Previously known as Quality Center) product. The vulnerability affects versions 12.x, 12.60 Patch 5 and earlier, 15.0.1 Patch 2 and earlier and 15.5. The vulnerability could be exploited to allow an XML External Entity Injection.

Related Vulnerabilities

CVE-2016-3033

HIGH
CVSS:8.1(High)

IBM AppScan Source 8.7 through 9.0.3.3 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via an XML document containing an external entity dec...

CWE-6112016

CVE-2016-3055

HIGH
CVSS:8.1(High)

IBM FileNet Workplace 4.0.2 before 4.0.2.14 LA012 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via an XML document containing an external...

CWE-6112016

CVE-2016-6059

HIGH
CVSS:8.1(High)

IBM InfoSphere Information Server is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerabil...

CWE-6112016

CVE-2016-8974

HIGH
CVSS:8.1(High)

IBM Rhapsody DM 4.0, 5.0 and 6.0 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerabili...

CWE-6112016

CVE-2016-8980

HIGH
CVSS:8.1(High)

IBM BigFix Inventory v9 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to exp...

CWE-6112016

CVE-2016-9698

HIGH
CVSS:8.1(High)

IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerabil...

CWE-6112016