Lucene search

IbmCVE-2012-5758

HistoryNov 23, 2012 - 12:09 p.m.

CVE-2012-5758

2012-11-2312:09:57

CWE-287

ibm

web.nvd.nist.gov

ibm

websphere

datapower

xc10

appliance

cve-2012-5758

nvd

security

vulnerability

denial of service

remote attackers

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.9

Confidence

Low

EPSS

0.023

Percentile

89.8%

JSON

The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and 2.1.0.0 through 2.1.0.2 does not require authentication for an unspecified interface, which allows remote attackers to cause a denial of service (process exit) via unknown vectors.

Affected configurations

Nvd

Node

ibmwebsphere_datapower_xc10_applianceMatch2.0.0.0

ibmwebsphere_datapower_xc10_applianceMatch2.0.0.1

ibmwebsphere_datapower_xc10_applianceMatch2.0.0.2

ibmwebsphere_datapower_xc10_applianceMatch2.0.0.3

ibmwebsphere_datapower_xc10_applianceMatch2.1.0.0

ibmwebsphere_datapower_xc10_applianceMatch2.1.0.1

ibmwebsphere_datapower_xc10_applianceMatch2.1.0.2

VendorProductVersionCPE
ibmwebsphere_datapower_xc10_appliance2.0.0.0cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.0.0.0:*:*:*:*:*:*:*
ibmwebsphere_datapower_xc10_appliance2.0.0.1cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.0.0.1:*:*:*:*:*:*:*
ibmwebsphere_datapower_xc10_appliance2.0.0.2cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.0.0.2:*:*:*:*:*:*:*
ibmwebsphere_datapower_xc10_appliance2.0.0.3cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.0.0.3:*:*:*:*:*:*:*
ibmwebsphere_datapower_xc10_appliance2.1.0.0cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.1.0.0:*:*:*:*:*:*:*
ibmwebsphere_datapower_xc10_appliance2.1.0.1cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.1.0.1:*:*:*:*:*:*:*
ibmwebsphere_datapower_xc10_appliance2.1.0.2cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.1.0.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	websphere_datapower_xc10_appliance	2.0.0.0	cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.0.0.0:::::::*
ibm	websphere_datapower_xc10_appliance	2.0.0.1	cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.0.0.1:::::::*
ibm	websphere_datapower_xc10_appliance	2.0.0.2	cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.0.0.2:::::::*
ibm	websphere_datapower_xc10_appliance	2.0.0.3	cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.0.0.3:::::::*
ibm	websphere_datapower_xc10_appliance	2.1.0.0	cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.1.0.0:::::::*
ibm	websphere_datapower_xc10_appliance	2.1.0.1	cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.1.0.1:::::::*
ibm	websphere_datapower_xc10_appliance	2.1.0.2	cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:2.1.0.2:::::::*

References

secunia.com/advisories/51319

www-01.ibm.com/support/docview.wss?uid=swg1IC86908

www-01.ibm.com/support/docview.wss?uid=swg21615783

www-01.ibm.com/support/docview.wss?uid=swg24033740

www.securityfocus.com/bid/56617

www.securitytracker.com/id?1027798

exchange.xforce.ibmcloud.com/vulnerabilities/80063

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.9

Confidence

Low

EPSS

0.023

Percentile

89.8%

JSON

Related for CVE-2012-5758