Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

ibm datapower gateway 2018.4.1.0 vulnerabilities and exploits

(subscribe to this query)
4
CVSSv2
CVE-2018-1666
IBM DataPower Gateway 2018.4.1.0, 7.6.0.0 up to and including 7.6.0.11, 7.5.2.0 up to and including 7.5.2.18, 7.5.1.0 up to and including 7.5.1.18, 7.5.0.0 up to and including 7.5.0.19, and 7.7.0.0 up to and including 7.7.1.3 could allow an authenticated user to inject arbitrary ...
Ibm Datapower GatewayIbm Datapower Gateway 2018.4.1.0
5
CVSSv2
CVE-2021-38872
IBM DataPower Gateway 10.0.2.0, 10.0.3.0, 10.0.1.0 up to and including 10.0.1.4, and 2018.4.1.0 up to and including 2018.4.1.17 could allow a remote user to cause a denial of service by consuming resources with multiple requests. IBM X-Force ID: 208348.
Ibm Datapower Gateway 10.0.2.0Ibm Datapower Gateway 10.0.3.0Ibm Datapower Gateway
1.9
CVSSv2
CVE-2020-4528
IBM MQ Appliance (IBM DataPower Gateway 10.0.0.0 and 2018.4.1.0 up to and including 2018.4.1.12) could allow a local user, under special conditions, to obtain highly sensitive information from log files. IBM X-Force ID: 182658.
Ibm Datapower Gateway 10.0.0.0Ibm Datapower Gateway
NA
CVE-2022-31775
IBM DataPower Gateway 10.0.2.0 up to and including 10.0.4.0, 10.0.1.0 up to and including 10.0.1.8, 10.5.0.0, and 2018.4.1.0 up to and including 2018.4.1.21 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit th...
Ibm Datapower Gateway 10.5.0.0Ibm Datapower Gateway
NA
CVE-2022-31776
IBM DataPower Gateway 10.0.2.0 up to and including 10.0.4.0, 10.0.1.0 up to and including 10.0.1.8, 10.5.0.0, and 2018.4.1.0 up to and including 2018.4.1.21 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated malicious user to send unauthorized re...
Ibm Datapower GatewayIbm Datapower Gateway 10.5.0.0
NA
CVE-2022-32750
IBM DataPower Gateway 10.0.2.0 up to and including 10.0.4.0, 10.0.1.0 up to and including 10.0.1.8, 10.5.0.0, and 2018.4.1.0 up to and including 2018.4.1.21 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thu...
Ibm Datapower GatewayIbm Datapower Gateway 10.5.0.0
NA
CVE-2022-31774
IBM DataPower Gateway 10.0.2.0 up to and including 10.0.4.0, 10.0.1.0 up to and including 10.0.1.8, 10.5.0.0, and 2018.4.1.0 up to and including 2018.4.1.21 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thu...
Ibm Datapower GatewayIbm Datapower Gateway 10.5.0.0
4
CVSSv2
CVE-2020-4203
IBM DataPower Gateway 2018.4.1.0 up to and including 2018.4.1.8 could potentially disclose highly sensitive information to a privileged user due to improper access controls. IBM X-Force ID: 174956.
Ibm Datapower Gateway
5
CVSSv2
CVE-2020-4581
IBM DataPower Gateway 2018.4.1.0 up to and including 2018.4.1.12 could allow a remote malicious user to cause a denial of service by sending a chunked transfer-encoding HTTP/2 request. IBM X-Force ID: 184441.
Ibm Datapower Gateway
5
CVSSv2
CVE-2020-4994
IBM DataPower Gateway 10.0.1.0 up to and including 10.0.1.4 and 2018.4.1.0 up to and including 2018.4.1.17 could allow a remote user to cause a temporary denial of service by sending invalid HTTP requests. IBM X-Force ID: 192906.
Ibm Datapower Gateway
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook