Datapower Gateway@7.5.2.16 Security Vulnerabilities and Issues — Datapower Gateway@7.5.2.16 CVE List

Lucene search

IbmDatapower Gateway7.5.2.16

2 matches found

CVE•added 2018/12/20 2:29 p.m.•46 views

CVE-2018-1661

IBM DataPower Gateways 7.5, 7.5.1, 7.5.2, and 7.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 144887.

8.8CVSS8.4AI score0.00155EPSS

CVE•added 2018/12/07 4:29 p.m.•35 views

CVE-2018-1663

IBM DataPower Gateways 7.5, 7.5.1, 7.5.2, 7.6, and 2018.4 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle tech...

5.9CVSS5.4AI score0.00279EPSS