Datapower Gateway@2018.4.1.0 Security Vulnerabilities and Issues — Datapower Gateway@2018.4.1.0 CVE List

Lucene search

IbmDatapower Gateway2018.4.1.0

3 matches found

CVE•added 2019/12/09 11:15 p.m.•48 views

CVE-2019-4621

IBM DataPower Gateway 7.6.0.0-7 throug 6.0.14 and 2018.4.1.0 through 2018.4.1.5 have a default administrator account that is enabled if the IPMI LAN channel is enabled. A remote attacker could use this account to gain unauthorised access to the BMC. IBM X-Force ID: 168883.

9.8CVSS9.1AI score0.00808EPSS

CVE•added 2019/02/07 4:0 p.m.•42 views

CVE-2018-1666

IBM DataPower Gateway 2018.4.1.0, 7.6.0.0 through 7.6.0.11, 7.5.2.0 through 7.5.2.18, 7.5.1.0 through 7.5.1.18, 7.5.0.0 through 7.5.0.19, and 7.7.0.0 through 7.7.1.3 could allow an authenticated user to inject arbitrary messages that would be displayed on the UI. IBM X-Force ID: 144892.

4.3CVSS4.4AI score0.00165EPSS

CVE•added 2019/08/20 7:15 p.m.•42 views

CVE-2019-4294

IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.6, 7.6.0.0 through 7.6.0.15 and IBM MQ Appliance 8.0.0.0 through 8.0.0.12, 9.1.0.0 through 9.1.0.2, and 9.1.1 through 9.1.2 could allow a local attacker to execute arbitrary commands on the system, caused by a command injection vulnerability. IBM X-...

8.4CVSS7.9AI score0.001EPSS