CVE-2023-28008

HIGH Year: 2023
CVSS v3 Score
8.1
High
Weakness Type
CWE-611
View all →

Vulnerability Description

HCL Workload Automation 9.4, 9.5, and 10.1 are vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.

Related Vulnerabilities

CVE-2016-3033

HIGH
CVSS:8.1(High)

IBM AppScan Source 8.7 through 9.0.3.3 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via an XML document containing an external entity dec...

CWE-6112016

CVE-2016-3055

HIGH
CVSS:8.1(High)

IBM FileNet Workplace 4.0.2 before 4.0.2.14 LA012 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via an XML document containing an external...

CWE-6112016

CVE-2016-6059

HIGH
CVSS:8.1(High)

IBM InfoSphere Information Server is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerabil...

CWE-6112016

CVE-2016-8974

HIGH
CVSS:8.1(High)

IBM Rhapsody DM 4.0, 5.0 and 6.0 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerabili...

CWE-6112016

CVE-2016-8980

HIGH
CVSS:8.1(High)

IBM BigFix Inventory v9 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to exp...

CWE-6112016

CVE-2016-9698

HIGH
CVSS:8.1(High)

IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerabil...

CWE-6112016