3 matches found
IBM WebSphere DataPower XC10 Administrative Access及Web Logoff漏洞
CVECAN ID: CVE-2013-5428,CVE-2013-5446 XC10设备是WebSphere DataPower硬件平台和IBM分布式缓存技术的结合。 IBM WebSphere DataPower XC10 2.5、2.1存在安全漏洞,可使未经身份验证的攻击者访问某些管理员操作,造成拒绝服务;并且在处理Web注销时也存在错误。 0 IBM WebSphere DataPower XC10 2.5 IBM WebSphere DataPower XC10 2.1 厂商补丁: IBM --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
CVE-2013-5446
The console on IBM WebSphere DataPower XC10 appliances 2.1.0 and 2.5.0 does not properly process logoff actions, which has unspecified impact and remote attack vectors...
CVE-2013-5446
The issue affects IBM WebSphere DataPower XC10 appliances (2.1.0 and 2.5.0). The console does not properly process logoff actions, potentially enabling exploitation of admin-related functionality with remote access and causing denial of service, as described across multiple sources. Vendor patche...