CVE-2014-0931
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Multiple XML external entity (XXE) vulnerabilities in the (1) CCRC WAN Server / CM Server, (2) Perl CC/CQ integration trigger scripts, (3) CMAPI Java interface, (4) ClearCase remote client, and (5) CMI and OSLC-based ClearQuest integrations components in IBM Rational ClearCase 7.1.0.x, 7.1.1.x, 7.1.2 through 7.1.2.13, 8.0 through 8.0.0.10, and 8.0.1 through 8.0.1.3 allow remote attackers to cause a denial of service or access other servers via crafted XML data. IBM X-Force ID: 92263.
Múltiples vulnerabilidades de XEE (XML External Entity) en (1) CCRC WAN Server / CM Server, (2) los scripts de desencadenamiento de integración Perl CC/CQ, (3) la interfaz Java CMAPI, (4) el cliente remoto ClearCase y (5) los componentes de integración basados en CMI y OSLC ClearQuest en IBM Rational ClearCase 7.1.0.x, 7.1.1.x, 7.1.2 hasta 7.1.2.13, 8.0 hasta 8.0.0.10 y 8.0.1 hasta 8.0.1.3 permiten que atacantes remotos provoquen una denegación de servicio (DoS) o accedan a otros servidores mediante datos XML manipulados. IBM X-Force ID: 92263.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-01-06 CVE Reserved
- 2018-04-20 CVE Published
- 2023-09-11 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-611: Improper Restriction of XML External Entity Reference
CAPEC
References (2)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg21668868 | 2018-05-22 |
| URL | Date | SRC |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/92263 | 2018-05-22 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ibm Search vendor "Ibm" | Rational Clearcase Search vendor "Ibm" for product "Rational Clearcase" | >= 7.1 <= 7.1.0.2 Search vendor "Ibm" for product "Rational Clearcase" and version " >= 7.1 <= 7.1.0.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Rational Clearcase Search vendor "Ibm" for product "Rational Clearcase" | >= 7.1.1 <= 7.1.1.9 Search vendor "Ibm" for product "Rational Clearcase" and version " >= 7.1.1 <= 7.1.1.9" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Rational Clearcase Search vendor "Ibm" for product "Rational Clearcase" | >= 7.1.2 <= 7.1.2.13 Search vendor "Ibm" for product "Rational Clearcase" and version " >= 7.1.2 <= 7.1.2.13" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Rational Clearcase Search vendor "Ibm" for product "Rational Clearcase" | >= 8.0 <= 8.0.0.10 Search vendor "Ibm" for product "Rational Clearcase" and version " >= 8.0 <= 8.0.0.10" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Rational Clearcase Search vendor "Ibm" for product "Rational Clearcase" | >= 8.0.1 <= 8.0.1.3 Search vendor "Ibm" for product "Rational Clearcase" and version " >= 8.0.1 <= 8.0.1.3" | - |
Affected
| ||||||