BSA-2017-332
21665
10 September 2018
23 June 2017
Closed
High
8.2
N/A
CVE-2017-1289
Summary
Security Advisory ID : BSA-2017-332
Component : IBM JDK
Revision : 3.0: Final
IBM JDK versions 6.0.16.45, 7.0.10.5, 7.1.4.5, and 8.0.4.5 correct a security issue. IBM SDK, Java Technology Edition is vulnerable XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources.
Affected Products
Brocade Network Advisor - Fixed in 14.3.0
Brocade Fabric OS
Workaround
There are no workarounds that address this vulnerability.
Revision History
Version | Change | Date |
---|---|---|
1.0 | Initial Publication | June 23, 2017 |
2.0 | Updated to address NOS & WC | October 13, 2017 |
3.0 | Updated with BNA version and to reflect Fiber Channel Products Only. | September 10, 2018 |