IBM Sterling Partner Engagement Manager is an automation management tool from IBM, Inc. An XML external entity injection vulnerability exists in IBM Sterling Partner Engagement Manager, which stems from a network system or product that does not set the correct filtering to allow references to external entities, which could be exploited by remote attackers to expose sensitive information or consume memory resources.