This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.
The remote host is affected by a file disclosure vulnerability.
According to its self-reported version, the IBM Tivoli Endpoint
Manager server installed on the remote host is 8.2.x prior to
8.2.1445.0, 9.0.x prior to 9.0.853.0, or 9.1.x prior to 9.1.1088.0. It
is, therefore, affected by an information disclosure vulnerability due
to an XML External Entity (XXE) flaw that allows an attacker to read
arbitrary files on the host by sending specially crafted XML data.
Note that this vulnerability only affects the Console, Root Server,
Web Reports, and Server API components. It does not affect the Agent
and Relay components.
See also :
Upgrade to Tivoli Endpoint Manager server 8.2.1445.0 / 9.0.853.0 /
9.1.1088.0 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 3.7
Public Exploit Available : false