{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-21T00:28:04.022","vulnerabilities":[{"cve":{"id":"CVE-2016-2908","sourceIdentifier":"psirt@us.ibm.com","published":"2017-02-01T20:59:00.300","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"IBM Single Sign On for Bluemix could allow a remote attacker to obtain sensitive information, caused by a XML external entity (XXE) error when processing XML data by the XML parser. A remote attacker could exploit this vulnerability to read arbitrary files on the system or cause a denial of service."},{"lang":"es","value":"IBM Single Sign On para Bluemix podrían permitir a un atacante remoto obtener información sensible, provocado por un error de entidad externa XML (XXE) al procesar datos XML por el analizador XML. Un atacante remoto podría explotar esta vulnerabilidad para leer archivos arbitrarios del sistema o provocar una denegación de servicio."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:P","baseScore":6.4,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-611"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0:*:*:*:*:*:*:*","matchCriteriaId":"6B5B6BD9-C0DF-4359-A6C1-F66E24912800"},{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.0.1:*:*:*:*:*:*:*","matchCriteriaId":"6F18D4AF-43DE-42A0-898E-50FBA7ADDDDE"},{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:security_access_manager_9.0_firmware:9.0.1.0:*:*:*:*:*:*:*","matchCriteriaId":"847598BF-977A-4592-A6A1-2C7F04F29FDC"},{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*","matchCriteriaId":"EA4B8E11-83D3-4B38-90B6-4C0F536D06B6"},{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*","matchCriteriaId":"AFD6FF12-A3AD-4D2B-92EB-44D20AF4DD9D"},{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*","matchCriteriaId":"AD7C3FED-3B2F-4EC9-9A9B-05EFDB0AA56B"},{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*","matchCriteriaId":"250AF7A4-8DDF-427C-8BF7-788667908D77"},{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*","matchCriteriaId":"76136DDE-1530-482B-9E32-3EA2496FDFCA"},{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*","matchCriteriaId":"8CBEA0D7-FBD0-4C7D-AB8F-73018359996A"},{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.3:*:*:*:*:*:*:*","matchCriteriaId":"7CCECD9C-D506-4AEA-AE59-49A81E2D7020"},{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:security_access_manager_for_mobile_8.0_firmware:8.0.1.4:*:*:*:*:*:*:*","matchCriteriaId":"FCB6511D-5B6C-4BBB-8DEF-C37026398D6C"},{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.1:*:*:*:*:*:*:*","matchCriteriaId":"4B0D27CF-70BF-4C72-A963-310272D8EBF7"},{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*","matchCriteriaId":"97E19969-DD73-42F2-9E91-504E1663B268"},{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*","matchCriteriaId":"F9CC2E05-5179-4241-A710-E582510EEB0D"},{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.5:*:*:*:*:*:*:*","matchCriteriaId":"BD1366C8-9C78-4B40-8E40-19C4DFEC2B1D"},{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.0:*:*:*:*:*:*:*","matchCriteriaId":"73E4F0CD-26DF-4975-8F40-ECB8E03A08C2"},{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.2:*:*:*:*:*:*:*","matchCriteriaId":"FFE6F2A0-BD38-4853-A8FB-299A341FA0B6"},{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.3:*:*:*:*:*:*:*","matchCriteriaId":"D0122CE6-44D9-4A5F-8DD4-B1F7F229FDFB"},{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.1.4:*:*:*:*:*:*:*","matchCriteriaId":"D1C6294A-7243-499D-8371-F000BEB7CF2F"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*","matchCriteriaId":"506C4B29-BC71-4C56-BAB1-06E63BEB1DD3"},{"vulnerable":false,"criteria":"cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*","matchCriteriaId":"1C5EBB4D-36F8-453C-9D2C-A63490144596"}]}]}],"references":[{"url":"http://www.ibm.com/support/docview.wss?uid=swg21995531","source":"psirt@us.ibm.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/95295","source":"psirt@us.ibm.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038506","source":"psirt@us.ibm.com"},{"url":"http://www.ibm.com/support/docview.wss?uid=swg21995531","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/95295","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038506","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}