Websphere Datapower Xc10 Appliance Firmware@2.1.0.0 Security Vulnerabilities and Issues — Websphere Datapower Xc10 Appliance Firmware@2.1.0.0 CVE List

Lucene search

IbmWebsphere Datapower Xc10 Appliance Firmware2.1.0.0

4 matches found

CVE•added 2014/12/11 4:59 p.m.•42 views

CVE-2014-3058

Cross-site request forgery (CSRF) vulnerability on the IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.

6CVSS6.3AI score0.00101EPSS

CVE•added 2014/12/11 4:59 p.m.•39 views

CVE-2014-6143

The IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows local users to obtain sensitive information by reading a response.

2.1CVSS5.7AI score0.00054EPSS

CVE•added 2014/12/11 4:59 p.m.•36 views

CVE-2014-6163

Cross-site scripting (XSS) vulnerability on the IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

3.5CVSS5.2AI score0.00188EPSS

CVE•added 2014/12/12 11:59 a.m.•35 views

CVE-2014-6138

The IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows remote authenticated users to bypass intended grid-data access restrictions via unspecified vectors.

4CVSS6.2AI score0.00159EPSS