CVE-2024-54171

IBM EntireX 11.1 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. An authenticated attacker could exploit this vulnerability to expose sensitive information or consume memory resources.
References
Link Resource
https://www.ibm.com/support/pages/node/7182693 Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:ibm:entirex:11.1:*:*:*:*:*:*:*
OR cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

07 Jul 2025, 17:50

Type Values Removed Values Added
First Time Microsoft
Ibm entirex
Linux
Ibm
Microsoft windows
Linux linux Kernel
CPE cpe:2.3:a:ibm:entirex:11.1:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Summary
  • (es) IBM EntireX 11.1 es vulnerable a un ataque de inyección de entidad externa (XXE) XML al procesar datos XML. Un atacante autenticado podría aprovechar esta vulnerabilidad para exponer información confidencial o consumir recursos de memoria.
References () https://www.ibm.com/support/pages/node/7182693 - () https://www.ibm.com/support/pages/node/7182693 - Vendor Advisory

06 Feb 2025, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-02-06 21:15

Updated : 2025-07-07 17:50


NVD link : CVE-2024-54171

Mitre link : CVE-2024-54171

CVE.ORG link : CVE-2024-54171


JSON object : View

Products Affected

linux

  • linux_kernel

microsoft

  • windows

ibm

  • entirex
CWE
CWE-611

Improper Restriction of XML External Entity Reference