cpe:/a:ibm:rational_rhapsody_design_manager:4.0 cpe:/a:ibm:rational_rhapsody_design_manager:4.0.1 cpe:/a:ibm:rational_rhapsody_design_manager:4.0.2 cpe:/a:ibm:rational_rhapsody_design_manager:4.0.3 cpe:/a:ibm:rational_rhapsody_design_manager:4.0.4 cpe:/a:ibm:rational_rhapsody_design_manager:4.0.5 cpe:/a:ibm:rational_rhapsody_design_manager:4.0.6 cpe:/a:ibm:rational_rhapsody_design_manager:4.0.7 cpe:/a:ibm:rational_rhapsody_design_manager:5.0 cpe:/a:ibm:rational_rhapsody_design_manager:5.0.1 cpe:/a:ibm:rational_rhapsody_design_manager:5.0.2 cpe:/a:ibm:rational_rhapsody_design_manager:6.0 cpe:/a:ibm:rational_rhapsody_design_manager:6.0.1 cpe:/a:ibm:rational_rhapsody_design_manager:6.0.2 CVE-2016-9698 2017-06-08T17:29:00.533-04:00 2017-06-14T10:05:41.420-04:00 7.5 NETWORK LOW SINGLE_INSTANCE PARTIAL NONE COMPLETE http://nvd.nist.gov 2017-06-14T09:38:04.593-04:00 BID 96829 CONFIRM http://www.ibm.com/support/docview.wss?uid=swg21999960 CONFIRM http://www.ibm.com/support/docview.wss?uid=swg22002258 MISC https://exchange.xforce.ibmcloud.com/vulnerabilities/119522 IBM Rhapsody DM 4.0, 5.0, and 6.0 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume all available memory resources. IBM Reference #: 1999960.