Datapower Gateway@7.5.1.0 Security Vulnerabilities and Issues — Datapower Gateway@7.5.1.0 CVE List

Lucene search

IbmDatapower Gateway7.5.1.0

4 matches found

CVE•added 2017/09/28 1:29 a.m.•42 views

CVE-2017-1591

IBM WebSphere DataPower Appliances 7.0.0 through 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force I...

6.1CVSS5.8AI score0.00282EPSS

CVE•added 2019/02/07 4:0 p.m.•42 views

CVE-2018-1666

IBM DataPower Gateway 2018.4.1.0, 7.6.0.0 through 7.6.0.11, 7.5.2.0 through 7.5.2.18, 7.5.1.0 through 7.5.1.18, 7.5.0.0 through 7.5.0.19, and 7.7.0.0 through 7.7.1.3 could allow an authenticated user to inject arbitrary messages that would be displayed on the UI. IBM X-Force ID: 144892.

4.3CVSS4.4AI score0.00165EPSS

CVE•added 2019/01/29 4:29 p.m.•40 views

CVE-2018-1668

IBM DataPower Gateway 7.5.0.0 through 7.5.0.19, 7.5.1.0 through 7.5.1.18, 7.5.2.0 through 7.5.2.18, and 7.6.0.0 through 7.6.0.11 appliances allows "null" logins which could give read access to IPMI data to obtain sensitive information. IBM X-Force ID: 144894.

7.5CVSS6.9AI score0.00154EPSS

CVE•added 2018/12/13 4:29 p.m.•38 views

CVE-2018-1665

IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1.17, 7.5.0.0 through 7.5.0.18, and 7.7.0.0 through 7.7.1.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 144891.

7.5CVSS7.2AI score0.00096EPSS