8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
IBM DataPower Gateway is a set of security and integration platforms from IBM USA designed specifically for mobile, cloud, application programming interface (API), web, service-oriented architecture (SOA), B2B and cloud workloads. The platform protects, integrates and optimizes access across channels using a dedicated gateway platform.IBM DataPower Gateway is vulnerable to a server-side request forgery vulnerability that stems from the product’s failure to properly validate user input, which could be exploited by an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.