Lucene search
HistoryAug 03, 2015 - 7:59 p.m.
CVE-2015-1970
ibm
datapower
xc10
ssd
data retention
vulnerability
cve-2015-1970
nvd
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
6 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
12.7%
The IBM WebSphere DataPower XC10 appliance 2.1 through 2.1.0.3 and 2.5 through 2.5.0.4 retains data on SSD cards, which might allow physically proximate attackers to obtain sensitive information by extracting a card and attaching it elsewhere.
Affected configurations
Node
ibmwebsphere_datapower_xc10_appliance_firmwareMatch2.1.0.0
ORibmwebsphere_datapower_xc10_appliance_firmwareMatch2.1.0.1
ORibmwebsphere_datapower_xc10_appliance_firmwareMatch2.1.0.2
ORibmwebsphere_datapower_xc10_appliance_firmwareMatch2.1.0.3
ORibmwebsphere_datapower_xc10_appliance_firmwareMatch2.5.0.0
ORibmwebsphere_datapower_xc10_appliance_firmwareMatch2.5.0.1
ORibmwebsphere_datapower_xc10_appliance_firmwareMatch2.5.0.2
ORibmwebsphere_datapower_xc10_appliance_firmwareMatch2.5.0.3
ORibmwebsphere_datapower_xc10_appliance_firmwareMatch2.5.0.4
Related
cvelist
cvelist
CVE-2015-1970
2015-08-03 19:00:00
nvd
nvd
CVE-2015-1970
2015-08-03 19:59:02
prion
prion
Information disclosure
2015-08-03 19:59:00
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
6 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
12.7%
Related for CVE-2015-1970