Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistIbmCVELIST:CVE-2015-7412
HistoryNov 08, 2015 - 10:00 p.m.

CVE-2015-7412

2015-11-0822:00:00
ibm
www.cve.org
1

6.3 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

53.7%

JSON

The GatewayScript modules on IBM DataPower Gateways with software 7.2.0.x before 7.2.0.1, when the GatewayScript decryption API or a JWE decrypt action is enabled, do not require signed ciphertext data, which makes it easier for remote attackers to obtain plaintext data via a padding-oracle attack.

Related

nvd 1
ibm 1
cve 1
prion 1
nvd
nvd
CVE-2015-7412
2015-11-08 22:59:19
ibm
ibm
Security Bulletin: Padding Oracle Protection in IBM DataPower Gateways GatewayScript modules (CVE-2015-7412)
2018-06-15 07:03:29
cve
cve
CVE-2015-7412
2015-11-08 22:59:19
prion
prion
Code injection
2015-11-08 22:59:00

6.3 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

53.7%

JSON
Related for CVELIST:CVE-2015-7412
nvd1ibm1cve1prion1