Rewterz Threat Advisory – Multiple Google Chrome Security Vulnerabilities
May 27, 2021Rewterz Threat Advisory – CVE-2021-22160 – Apache Pulsar Information Disclosure Vulnerability
May 27, 2021Rewterz Threat Advisory – Multiple Google Chrome Security Vulnerabilities
May 27, 2021Rewterz Threat Advisory – CVE-2021-22160 – Apache Pulsar Information Disclosure Vulnerability
May 27, 2021Severity
Medium
Analysis Summary
CVE-2021-20492
IBM WebSphere Application Server and Liberty Java Batch is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resource
Impact
- Consumption of memory resources
- Information disclosure
Affected Vendors
IBM
Affected Products
- IBM WebSphere Application Server 8.0
- IBM WebSphere Application Server 8.5
- IBM WebSphere Application Server 9.0
- IBM WebSphere Application Server Liberty
Remediation
Refer to IBM Security Bulletin for patch, upgrade or suggested workaround information. https://www.ibm.com/support/pages/node/6456017