Datapower Gateway Security Vulnerabilities and Issues — Datapower Gateway CVE List

Lucene search

IbmDatapower Gateway

4 matches found

CVE•added 2022/08/01 11:15 a.m.•63 views

CVE-2022-22326

IBM Datapower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.5, and 2018.4.1.0 through 2018.4.1.18 could allow unauthorized viewing of logs and files due to insufficient authorization checks. IBM X-Force ID: 218856.

4CVSS3.9AI score0.00024EPSS

CVE•added 2020/03/19 2:15 p.m.•46 views

CVE-2020-4203

IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.8 could potentially disclose highly sensitive information to a privileged user due to improper access controls. IBM X-Force ID: 174956.

4.9CVSS4.8AI score0.00266EPSS

CVE•added 2019/02/07 4:0 p.m.•42 views

CVE-2018-1666

IBM DataPower Gateway 2018.4.1.0, 7.6.0.0 through 7.6.0.11, 7.5.2.0 through 7.5.2.18, 7.5.1.0 through 7.5.1.18, 7.5.0.0 through 7.5.0.19, and 7.7.0.0 through 7.7.1.3 could allow an authenticated user to inject arbitrary messages that would be displayed on the UI. IBM X-Force ID: 144892.

4.3CVSS4.4AI score0.00165EPSS

CVE•added 2018/01/31 3:29 p.m.•40 views

CVE-2017-1773

IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 could allow an attacker using man-in-the-middle techniques to spoof DNS responses to perform DNS cache poisoning and redirect Internet traffic. IBM X-Force ID: 136817.

4.3CVSS4.1AI score0.00107EPSS