IBM Security Bulletin: IBM Algo One Counterparty Credit Risk is affected by Open Source Spring Framework vulnerabilities (CVE-2013-6429 & CVE-2013-6430)
|
Información sobre el sistema
|
|
|
Software afectado |
IBM |
Descripción
|
Spring Framework may be prone to multiple XML External Entity injection vulnerabilities and may be vulnerable to cross site scripting issues when using Spring MVC. CVE(s): CVE-2013-6429 and CVE-2013-6430 Affected product(s) and affected version(s): IBM Algo One Counterparty Credit Risk v 5.0.0 Refer to the following reference URLs for remediation and additional vulnerability details: Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg21687759 X-Force Database:
More info:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_ibm_algo_one_counterparty_credit_risk_is_affected_by_open_source_spring_framework_vulnerabilities_cve_2013_6429_amp_cve_2013_6430?lang=en_us |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2013-6429 ,CVE-2013-6430 ,CVE-2013-4444 ,CVE-2013-4286 ,CVE-2014-0033 ,CVE-2013-4322 ,CVE-2013-4590 ,CVE-2014-6271 ,CVE-2014-7169 ,CVE-2014-3566 ,CVE-2014-6099 ,CVE-2014-4244 and CVE-2014-4263. |