Information on possible vectors of attack and fixes can be found here. Information on possible vectors of attack and fixes can be found here. CVE-2018-3092 - XML External Entity Injection (XXE) When processing XML data, the IBM InfoSphere Information Server could be vulnerable to an XML External Entity Injection (XXE) attack, due to lack of sanitization. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 236584. The Common Vulnerabilities and Exposures project has assigned this issue number. A description of the vulnerability can be found here.
Apache Struts CVE-2018-1091
An issue was discovered in Apache Struts 2. An input validation vulnerability could allow execute code to be executed when handling a request with a specially crafted parameter name. A remote attacker could exploit this vulnerability to conduct a cross-site scripting (XSS) attack. IBM X-Force ID: 248904.
IBM InfoSphere Information Server Overview
InfoSphere Information Server is a Content Management Server (CMS) for enterprise environments. The InfoSphere Information Server runs on various combinations of hardware and software as a clustered appliance with open APIs exposed via SOAP and REST.
InfoSphere Information Server uses XML to store metadata and data from web services, which may be vulnerable to XML External Entity Injection (XXE) attacks if not sanitized properly.
IBM X-Force ID: 236584
```
1. Open XML files in the server using a browser 2. Enter the following URL into the address bar
http://server/apps/service?wsdl 3. Click ```OK'' 4. Wait for a few seconds 5. On the next page, find the WSDL file listed under ```WSDLs'' 6. Replace it with one of these URLs: http://nginx/xml-files/remote_files/invalid_wsdl?wsdl http://example.com:8080/xml-files/remote_files/invalid_wsdl?wsdl
```
Timeline
Published on: 11/03/2022 20:15:00 UTC
Last modified on: 11/04/2022 16:27:00 UTC