CyberSec.Space Logo
Back to CVE Browser

CVE-2016-6111

CRITICAL
9.1
CVSS Severity Score
EPSS Score0.0970%
EPSS Percentile6.66th
PublishedMar 31, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

IBM Curam Social Program Management 6.0 and 7.0 are vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 2000833.

Affected Platforms (CPE)

πŸ“¦
Ibm

Curam Social Program Management

= 5.2
πŸ“¦
Ibm

Curam Social Program Management

= 5.2
πŸ“¦
Ibm

Curam Social Program Management

= 5.2
πŸ“¦
Ibm

Curam Social Program Management

= 6.0
πŸ“¦
Ibm

Curam Social Program Management

= 6.0
πŸ“¦
Ibm

Curam Social Program Management

= 6.0.0
πŸ“¦
Ibm

Curam Social Program Management

= 6.0.4.0
πŸ“¦
Ibm

Curam Social Program Management

= 6.0.4.1
πŸ“¦
Ibm

Curam Social Program Management

= 6.0.4.2
πŸ“¦
Ibm

Curam Social Program Management

= 6.0.4.3
πŸ“¦
Ibm

Curam Social Program Management

= 6.0.4.4
πŸ“¦
Ibm

Curam Social Program Management

= 6.0.4.5
πŸ“¦
Ibm

Curam Social Program Management

= 6.0.4.6
πŸ“¦
Ibm

Curam Social Program Management

= 6.0.4.7
πŸ“¦
Ibm

Curam Social Program Management

= 6.0.4.8
πŸ“¦
Ibm

Curam Social Program Management

= 6.0.5
πŸ“¦
Ibm

Curam Social Program Management

= 6.0.5.0
πŸ“¦
Ibm

Curam Social Program Management

= 6.0.5.1
πŸ“¦
Ibm

Curam Social Program Management

= 6.0.5.2
πŸ“¦
Ibm

Curam Social Program Management

= 6.0.5.3
πŸ“¦
Ibm

Curam Social Program Management

= 6.0.5.4
πŸ“¦
Ibm

Curam Social Program Management

= 6.0.5.5
πŸ“¦
Ibm

Curam Social Program Management

= 6.0.5.6
πŸ“¦
Ibm

Curam Social Program Management

= 6.0.5.7
πŸ“¦
Ibm

Curam Social Program Management

= 6.0.5.8
πŸ“¦
Ibm

Curam Social Program Management

= 6.0.5.9
πŸ“¦
Ibm

Curam Social Program Management

= 6.1.0.0
πŸ“¦
Ibm

Curam Social Program Management

= 6.1.0.1
πŸ“¦
Ibm

Curam Social Program Management

= 6.1.0.2
πŸ“¦
Ibm

Curam Social Program Management

= 6.1.0.3
πŸ“¦
Ibm

Curam Social Program Management

= 6.1.1.0
πŸ“¦
Ibm

Curam Social Program Management

= 6.1.1.1
πŸ“¦
Ibm

Curam Social Program Management

= 6.1.1.2
πŸ“¦
Ibm

Curam Social Program Management

= 6.1.1.3
πŸ“¦
Ibm

Curam Social Program Management

= 6.2.0.0
πŸ“¦
Ibm

Curam Social Program Management

= 6.2.0.1
πŸ“¦
Ibm

Curam Social Program Management

= 6.2.0.2
πŸ“¦
Ibm

Curam Social Program Management

= 6.2.0.3
πŸ“¦
Ibm

Curam Social Program Management

= 7.0.0.0

References & Advisories

πŸ”— http://www.ibm.com/support/docview.wss?uid=swg22000833
πŸ”— http://www.securityfocus.com/bid/97244
πŸ”— http://www.ibm.com/support/docview.wss?uid=swg22000833
πŸ”— http://www.securityfocus.com/bid/97244

Related Vulnerabilities

CVE-2014-89038.8

IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5iFix10 and 6.0.5 before 6.0.5.6 allows remote authent...

CVE-2020-49428.8

IBM Curam Social Program Management 7.0.9 and 7.0.11 is vulnerable to cross-site request forgery which could allow an attacker to ...

CVE-2020-47728.1

An XML External Entity Injection (XXE) vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. A remote att...

CVE-2020-47798.1

A HTTP Verb Tampering vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10. By sending a specially-crafte...