CVE-2018-1666

🗓️ 07 Feb 2019 16:00:00Reported by ibmType

IBM DataPower Gateway vulnerability in versions 2018.4.1.0 to 7.7.1.

Reporter	Title	Published	Views	Family All 6
IBM Security Bulletins	Security Bulletin: IBM DataPower Gateway is affected by a message injection vulnerability (CVE-2018-1666)	11 Jan 201915:05	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Appliance is affected by a UI message injection vulnerability (CVE-2018-1666)	21 Feb 201911:30	–	ibm
CVE	CVE-2018-1666	7 Feb 201916:00	–	cve
EUVD	EUVD-2018-12245	7 Oct 202500:30	–	euvd
NVD	CVE-2018-1666	7 Feb 201915:29	–	nvd
Prion	Code injection	7 Feb 201915:29	–	prion

[
  {
    "product": "DataPower Gateway",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "7.6.0.0"
      },
      {
        "status": "affected",
        "version": "7.5.2.0"
      },
      {
        "status": "affected",
        "version": "7.5.1.0"
      },
      {
        "status": "affected",
        "version": "7.5.0.0"
      },
      {
        "status": "affected",
        "version": "7.7.0.0"
      },
      {
        "status": "affected",
        "version": "7.7.1.3"
      },
      {
        "status": "affected",
        "version": "7.5.0.19"
      },
      {
        "status": "affected",
        "version": "7.5.1.18"
      },
      {
        "status": "affected",
        "version": "7.5.2.18"
      },
      {
        "status": "affected",
        "version": "7.6.0.11"
      },
      {
        "status": "affected",
        "version": "2018.4.1.0"
      }
    ]
  }
]

Source	Link
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/144892
ibm	www.ibm.com/support/docview.wss

07 Feb 2019 15:57Current

4.5Medium risk

Vulners AI Score4.5

CVSS 34.3

EPSS0.00165