CVE Published: 21/09/2021 |
CVE Updated: 16/09/2024 |
CVE Year: 2021 Source: ibm |
Vendor: IBM |
Product: Jazz for Service Management Status : PUBLISHED
CVE-2021-29831 Description
IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 204775.