CVE-2018-1364 is a vulnerability in IBM Content Navigator
Published on January 29, 2018

IBM Content Navigator 2.0 and 3.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 137449.

NVD

Products Associated with CVE-2018-1364

Want to know whenever a new CVE is published for IBM Content Navigator? stack.watch will email you.

IBM Content Navigator

Affected Versions

IBM Content Navigator:

Version 3.0.0 is affected.
Version 2.0.3.8 is affected.
Version 3.0.1 is affected.
Version 3.0.2 is affected.
Version 3.0.3 is affected.

Exploit Probability

EPSS

0.53%

Percentile

66.80%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-1364 is a vulnerability in IBM Content NavigatorPublished on January 29, 2018

Products Associated with CVE-2018-1364

Affected Versions

Exploit Probability

CVE-2018-1364 is a vulnerability in IBM Content Navigator
Published on January 29, 2018