Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2015-7412
HistoryNov 08, 2015 - 10:59 p.m.

Code injection

2015-11-0822:59:00
PRIOn knowledge base
www.prio-n.com
2

6.8 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

53.7%

JSON

The GatewayScript modules on IBM DataPower Gateways with software 7.2.0.x before 7.2.0.1, when the GatewayScript decryption API or a JWE decrypt action is enabled, do not require signed ciphertext data, which makes it easier for remote attackers to obtain plaintext data via a padding-oracle attack.

CPENameOperatorVersion
datapower_gatewayle7.2.0.0

Related

nvd 1
cvelist 1
ibm 1
cve 1
nvd
nvd
CVE-2015-7412
2015-11-08 22:59:19
cvelist
cvelist
CVE-2015-7412
2015-11-08 22:00:00
ibm
ibm
Security Bulletin: Padding Oracle Protection in IBM DataPower Gateways GatewayScript modules (CVE-2015-7412)
2018-06-15 07:03:29
cve
cve
CVE-2015-7412
2015-11-08 22:59:19

6.8 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

53.7%

JSON
Related for PRION:CVE-2015-7412
nvd1cvelist1ibm1cve1