What is CVE-2016-0245?

CVE-2016-0245 is a medium-severity vulnerability in Ibm Websphere_portal. CVSS score: 5.4/10. Published 2016-02-29.

How severe is CVE-2016-0245?

Medium severity. CVSS v3 base score is 5.4 out of 10.

Vulnerability in Ibm Websphere_portal

CVE-2016-0245

The XML parser in IBM WebSphere Portal 8.0.x before 8.0.0.1 CF20 and 8.5.x before 8.5.0.0 CF10 allows remote authenticated users to read arbitrary files or cause a denial of service via an external entity declaration in conjunction with an…

EPSS: 0.003 (54.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.4 (Medium). Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L.

Affected products

Ibm Websphere_portal — versions 8.0.0.0, 8.0.0.1, 8.5.0.0
N/a — versions n/a

References

psirt@us.ibm.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
PI56682 (vendor-advisory, Not Applicable, x_refsource_AIXAPAR)

Frequently asked questions

What is CVE-2016-0245?: CVE-2016-0245 is a medium-severity vulnerability in Ibm Websphere_portal. CVSS score: 5.4/10. Published 2016-02-29.
How severe is CVE-2016-0245?: Medium severity. CVSS v3 base score is 5.4 out of 10.