CVE-2015-7400 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2015-7400

CWE

https://cwe.mitre.org/data/definitions/399.html

The Lotus Mashups component in IBM Mashup Center 3.0.0.1 allows remote authenticated users to cause a denial of service (CPU consumption) via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Affected Software

Name	Vendor	Start Version	End Version
Mashups_center	Ibm	3.0.0.1 (including)	3.0.0.1 (including)

References

http://www-01.ibm.com/support/docview.wss?uid=swg1IT12268
http://www-01.ibm.com/support/docview.wss?uid=swg21970392
http://www.securityfocus.com/bid/77986
http://www.securitytracker.com/id/1035319
http://www-01.ibm.com/support/docview.wss?uid=swg1IT12268
http://www-01.ibm.com/support/docview.wss?uid=swg21970392
http://www.securityfocus.com/bid/77986
http://www.securitytracker.com/id/1035319