Vulnerabilities > IBM > Spectrum Symphony > High

DATE CVE VULNERABILITY TITLE RISK
2018-09-28 CVE-2018-1702 XXE vulnerability in IBM Platform Symphony and Spectrum Symphony
IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Symphony 7.1.2 and 7.2.0.2 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data.
network
low complexity
ibm CWE-611
7.1
2018-08-01 CVE-2018-1595 Unspecified vulnerability in IBM Platform Symphony and Spectrum Symphony
IBM Spectrum Symphony and Platform Symphony 7.1.2 and 7.2.0.2 could allow an authenticated user to execute arbitrary commands due to improper handling of user supplied input.
network
low complexity
ibm
8.8