CVE-2012-3340

Medium

IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to XML external entity injection, caused by improper validation of user-supplied…

ibm·CWE-776·Published 2020-09-01

CVSS

4.3

EPSS

0.01

KEV

Exploits

cve.orgen

265 chars

IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to XML external entity injection, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 78291.

NVDen

265 chars

NVDes

326 chars

IBM InfoSphere Guardium versiones 8.0, 8.01 y 8.2, es vulnerable a una inyección de entidad externa XML, causada por una comprobación inapropiada de la entrada suministrada por un usuario. Un atacante autenticado remoto podría explotar esta vulnerabilidad para obtener información confidencial. IBM X-Force ID: 78291

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.0	8.0	2.9	AV:N/AC:L/Au:S/C:P/I:N/A:N
3.0	Primary	cve.org	4.3	—	—	CVSS:3.0/I:N/UI:N/AV:N/S:U/PR:L/C:L/A:N/AC:L/E:U/RC:C/RL:O