IT15089: VULNERABILITIES IN THE XML PROCESSING COMPONENT OF SOME IBM DATAPOWER GATEWAYS INTERNAL SERVICES. (MULTIPLE CVES)
A fix is available
Closed as program error.
Vulnerabilities in the XML processing component of some IBM DataPower Gateways internal services. (CVE-2015-5312 CVE-2015-7497 CVE-2015-7498 CVE-2015-7499 CVE-2015-7500 CVE-2015-7941 CVE-2015-7942 CVE-2015-8241 CVE-2015-8242 CVE-2015-8317) The XML processing component of some IBM DataPower gateways internal services is affected by a variety of vulnerabilities that can cause a denial of service when presented with specially crafted data.
Multiple CVEs (CVE-2015-5312 CVE-2015-7497 CVE-2015-7498 CVE-2015-7499 CVE-2015-7500 CVE-2015-7941 CVE-2015-7942 CVE-2015-8241 CVE-2015-8242 CVE-2015-8317) concern vulnerabilities in the processing of XML files for some internal services which can cause a denial of service. IBM DataPower Gateways versions 18.104.22.168 to 22.214.171.124 are affected by these CVEs.
Fix is available in 126.96.36.199 and 188.8.131.52 For a list of the latest fix packs available, please see: http://www-01.ibm.com/support/docview.wss?uid=swg21237631
Reported component name
Reported component ID
NoSpecatt / Xsystem
Last modified date
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fixed component name
Fixed component ID
Applicable component levels