Lucene search
K
IbmApplication Gateway

7 matches found

CVE
CVE
added 2024/04/04 5:31 p.m.101 views

CVE-2024-28787

IBM Security Verify Access and IBM Application Gateway are affected by CVE-2024-28787, with Information Disclosure and potential Denial of Service via a specially crafted HTTP request. Affected products/versions: IBM Security Verify Access Container and Appliance 10.0.0–10.0.7, IBM Application Ga...

10CVSS8.3AI score0.00815EPSS
CVE
CVE
added 2022/09/28 3:55 p.m.63 views

CVE-2022-22387

CVE-2022-22387 affects IBM Application Gateway. A cross-site scripting vulnerability in the Web UI could allow embedding arbitrary JavaScript, potentially leading to credential disclosure within a trusted session. The IBM Security Bulletin confirms affected product/version: IBM Application Gatewa...

5.4CVSS5.2AI score0.00377EPSS
CVE
CVE
added 2021/05/31 2:50 p.m.54 views

CVE-2021-20576

CVE-2021-20576 affects IBM Application Gateway (IBM Application Gateway 1.0). A remote attacker could send a specially crafted HTTP GET request that could crash the application, indicating a potential denial of service. The NVD entry lists base scores of 5.0 (MEDIUM) CVSS2 and 7.5 (HIGH) CVSS3.1/...

7.5CVSS7.3AI score0.02476EPSS
CVE
CVE
added 2021/05/31 2:50 p.m.50 views

CVE-2021-20575

CVE-2021-20575 concerns IBM Application Gateway (IBM Application Gateway 1.0) where the application allows web pages to be stored locally and readable by other users on the same system, causing an information disclosure. The vulnerability description and multiple connected sources confirm this lo...

4CVSS4.2AI score0.00268EPSS
CVE
CVE
added 2025/06/03 2:48 p.m.49 views

CVE-2024-45655

CVE-2024-45655 affects IBM Application Gateway versions 19.12–24.09. The root cause is incorrect permissions assignment enabling a local privileged user to perform unauthorized actions. Documented impacts confirm local privilege escalation with the vulnerability. Remediation: IBM indicates upgrad...

5.5CVSS5.3AI score0.0011EPSS
CVE
CVE
added 2026/01/20 3:23 p.m.20 views

CVE-2025-36397

Summary: CVE-2025-36397 affects IBM Application Gateway 23.10–25.09 and is a vulnerability to HTML injection (basic XSS) that could execute code in a victim’s browser within the hosting site’s security context. What’s affected: IBM Application Gateway 23.10–25.09 (also echoed across Red Hat and C...

5.4CVSS5.5AI score0.00162EPSS
CVE
CVE
added 2026/01/20 3:22 p.m.18 views

CVE-2025-36396

IBM Application Gateway 23.10–25.09 is affected by a cross-site scripting vulnerability in the Web UI that an authenticated user can abuse to inject JavaScript, potentially exposing credentials in a trusted session. The CVE (CVE-2025-36396) is documented across NVD and vendor advisories, with a C...

5.4CVSS5.1AI score0.00147EPSS