2 matches found
Security Bulletin: IBM DataPower Gateway vulnerable to an RCE attack (CVE-2020-5014)
Summary IBM has addressed the relevant CVE Vulnerability Details CVEID: CVE-2020-5014 DESCRIPTION: IBM DataPower Gateway could allow a local attacker with administrative privileges to execute arbitrary code on the system using a server-side requesr forgery attack. CVSS Base score: 6.7 CVSS Tempor...
CVE-2020-5014
CVE-2020-5014 – IBM DataPower Gateway : A local attacker with administrative privileges could achieve arbitrary code execution via a server-side request forgery (SSRF) that targets internal services (notably the built‑in Redis path). Affected products/versions: DataPower Gateway 10.0.0.0–10.0.1.1...