CVE-2026-1567
Awaiting Analysis Awaiting Analysis - Queue
XXE Vulnerability in IBM InfoSphere Server Risks Data Exposure

Publication date: 2026-03-03

Last updated on: 2026-03-05

Assigner: IBM Corporation

Description
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 An XML External Entity (XXE) vulnerability in IBM InfoSphere Information Server could allow attackers to retrieve sensitive information from the server.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-03
Last Modified
2026-03-05
Generated
2026-06-16
AI Q&A
2026-03-03
EPSS Evaluated
2026-06-15
NVD
CVE-2026-1567
EUVD
EUVD-2026-9318
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
ibm infosphere_information_server From 11.7 (inc) to 11.7.1.6 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-611 The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-1567 is an XML External Entity (XXE) injection vulnerability affecting IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6.

This vulnerability allows attackers with limited privileges to remotely exploit the system without any user interaction.

By exploiting this flaw, attackers can retrieve sensitive information from the server.

Impact Analysis

The vulnerability can lead to unauthorized disclosure of sensitive information from the affected IBM InfoSphere Information Server.

It has a CVSS v3.1 base score of 7.1, indicating a high impact on availability and a low attack complexity.

Attackers with limited privileges can remotely exploit this vulnerability without user interaction, potentially disrupting service availability.

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

To mitigate the CVE-2026-1567 vulnerability in IBM InfoSphere Information Server, you should apply the updates to versions 11.7.1.0, 11.7.1.5, or 11.7.1.6, or apply the security patch identified by APAR DT461311.

No workarounds or alternative mitigations are provided, so applying the official patches or updates is the recommended immediate step.

Additionally, it is advised to assess the impact of this vulnerability in your environment and subscribe to IBM security notifications for future updates.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-1567. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart