CVE-2017-1289

EPSS 0.92% · P76 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-1289

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

IBM SDK, Java Technology Edition is vulnerable XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 125150.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

IBM SDK, Java Technology Edition 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

IBM SDK, Java Technology Edition是美国IBM公司的一款用于Java应用程序开发的软件开发工具包。 IBM SDK, Java Technology Edition中存在XML外部实体注入漏洞。远程攻击者可利用该漏洞获取敏感信息或消耗内存资源。以下版本受到影响：IBM SDK, Java Technology Edition 6 Service Refresh 16 Fix Pack 41及之前的版本，IBM SDK, Java Technology Edition 6R1

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
IBM Corporation	Runtimes for Java Technology	6.0, 6.1, 7.0, 7.1, 8.0	-

II. Public POCs for CVE-2017-1289

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2017-1289

Please Login to view more intelligence information

🔗 https://www.ibm.com/support/docview.wss?uid=swg22002169x_refsource_CONFIRM
http://www.securityfocus.com/bid/98401vdb-entryx_refsource_BID
🔗 https://access.redhat.com/errata/RHSA-2017:1221vendor-advisoryx_refsource_REDHAT
🔗 https://access.redhat.com/errata/RHSA-2017:3453vendor-advisoryx_refsource_REDHAT
🔗 https://access.redhat.com/errata/RHSA-2017:1222vendor-advisoryx_refsource_REDHAT
🔗 https://access.redhat.com/errata/RHSA-2017:1220vendor-advisoryx_refsource_REDHAT
https://nvd.nist.gov/vuln/detail/CVE-2017-1289

Same Patch Batch · IBM Corporation · 2017-05-22 · 6 CVEs total

CVE-2016-6112		IBM Distributed Marketing、Marketing Platform和Marketing Operations 安全漏洞
CVE-2017-1092		IBM Informix Dynamic Server Open Admin Tool 安全漏洞
CVE-2017-1159		IBM Business Process Manager 安全漏洞
CVE-2017-1282		IBM Content Navigator 跨站脚本漏洞
CVE-2017-1320		IBM Tivoli Federated Identity Manager 跨站脚本漏洞

IV. Related Vulnerabilities

Same vendor: IBM Corporation

V. Comments for CVE-2017-1289

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2017-1289

I. Basic Information for CVE-2017-1289

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2017-1289

III. Intelligence Information for CVE-2017-1289

Same Patch Batch · IBM Corporation · 2017-05-22 · 6 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2017-1289

Leave a comment