4 matches found
Security Bulletin: IBM MQ Appliance is affected by an improper validation vulnerability (CVE-2021-38910)
Summary IBM MQ Appliance has resolved an improper validation vulnerability. Vulnerability Details CVEID: CVE-2021-38910 DESCRIPTION: IBM DataPower Gateway V10CD, 10.0.1, and 2108.4.1 could allow a remote attacker to bypass security restrictions, caused by the improper validation of input. By...
CVE-2021-38910
IBM DataPower Gateway V10CD, 10.0.1, and 2108.4.1 could allow a remote attacker to bypass security restrictions, caused by the improper validation of input. By sending a specially crafted JSON message, an attacker could exploit this vulnerability to modify structure and fields. IBM X-Force ID:...
CVE-2021-38910
CVE-2021-38910 affects IBM DataPower Gateway V10CD (10.0.2.x+), 10.0.1, and 2108.4.1. The root cause is improper input validation, enabling a remote attacker to bypass security restrictions by sending a crafted JSON message to modify structure and fields. Documented impact is bypass of security c...
Security Bulletin: IBM DataPower Gateway permits reflected JSON injection (CVE-2021-38910)
Summary IBM has addressed the CVE Vulnerability Details CVEID: CVE-2021-38910 DESCRIPTION: IBM DataPower Gateway could allow a remote attacker to bypass security restrictions, caused by the improper validation of input. By sending a specially crafted JSON message, an attacker could exploit this...