2 matches found
IBM WebSphere DataPower XC10 Administrative Access及Web Logoff漏洞
CVECAN ID: CVE-2013-5428,CVE-2013-5446 XC10设备是WebSphere DataPower硬件平台和IBM分布式缓存技术的结合。 IBM WebSphere DataPower XC10 2.5、2.1存在安全漏洞,可使未经身份验证的攻击者访问某些管理员操作,造成拒绝服务;并且在处理Web注销时也存在错误。 0 IBM WebSphere DataPower XC10 2.5 IBM WebSphere DataPower XC10 2.1 厂商补丁: IBM --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
CVE-2013-5428
CVE-2013-5428 affects IBM WebSphere DataPower XC10 appliances (notably 2.5.0; also referenced for 2.1) where unauthenticated access to administrative actions can trigger a denial of service. Exploitation details are not provided in the documents. Vendor patches exist via IBM Fix Central and speci...