Rewterz Threat Advisory – CVE-2021-20492 – IBM WebSphere Application Server XML external entity injection

Severity

Medium

Analysis Summary

CVE-2021-20492

IBM WebSphere Application Server and Liberty Java Batch is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources.

Impact

  • Consumption of memory resources
  • Information disclosure

Affected Vendors

IBM

Affected Products

  • IBM WebSphere Application Server 8.0
  • IBM WebSphere Application Server 8.5
  • IBM WebSphere Application Server 9.0
  • IBM WebSphere Application Server Liberty

Remediation

Refer to the IBM Security Bulletin for patch, upgrade, or suggested workaround information: https://www.ibm.com/support/pages/node/6456017