Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm datapower gateway vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-40228
IBM DataPower Gateway 10.0.3.0 up to and including 10.0.4.0, 10.0.1.0 up to and including 10.0.1.9, 2018.4.1.0 up to and including 2018.4.1.22, and 10.5.0.0 up to and including 10.5.0.2 does not invalidate session after a password change which could allow an authenticated user t...
Ibm Datapower Gateway
NA
CVE-2022-31773
IBM DataPower Gateway V10CD, 10.0.1, and 2018.4.1 is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 228357.
Ibm Datapower Gateway
NA
CVE-2022-31775
IBM DataPower Gateway 10.0.2.0 up to and including 10.0.4.0, 10.0.1.0 up to and including 10.0.1.8, 10.5.0.0, and 2018.4.1.0 up to and including 2018.4.1.21 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit th...
Ibm Datapower Gateway 10.5.0.0
Ibm Datapower Gateway
NA
CVE-2022-32750
IBM DataPower Gateway 10.0.2.0 up to and including 10.0.4.0, 10.0.1.0 up to and including 10.0.1.8, 10.5.0.0, and 2018.4.1.0 up to and including 2018.4.1.21 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thu...
Ibm Datapower Gateway
Ibm Datapower Gateway 10.5.0.0
NA
CVE-2022-31774
IBM DataPower Gateway 10.0.2.0 up to and including 10.0.4.0, 10.0.1.0 up to and including 10.0.1.8, 10.5.0.0, and 2018.4.1.0 up to and including 2018.4.1.21 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thu...
Ibm Datapower Gateway
Ibm Datapower Gateway 10.5.0.0
NA
CVE-2022-31776
IBM DataPower Gateway 10.0.2.0 up to and including 10.0.4.0, 10.0.1.0 up to and including 10.0.1.8, 10.5.0.0, and 2018.4.1.0 up to and including 2018.4.1.21 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated malicious user to send unauthorized re...
Ibm Datapower Gateway
Ibm Datapower Gateway 10.5.0.0
NA
CVE-2022-22326
IBM Datapower Gateway 10.0.2.0 up to and including 10.0.4.0, 10.0.1.0 up to and including 10.0.1.5, and 2018.4.1.0 up to and including 2018.4.1.18 could allow unauthorized viewing of logs and files due to insufficient authorization checks. IBM X-Force ID: 218856.
Ibm Datapower Gateway
Ibm Mq Appliance M2002 Firmware
Ibm Mq Appliance M2001 Firmware
383
VMScore
CVE-2021-38944
IBM DataPower Gateway 10.0.2.0 up to and including 1.0.3.0, 10.0.1.0 up to and including 10.0.1.5, and 2018.4.1.0 up to and including 2018.4.1.18 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an malicious user...
Ibm Datapower Gateway
445
VMScore
CVE-2020-4994
IBM DataPower Gateway 10.0.1.0 up to and including 10.0.1.4 and 2018.4.1.0 up to and including 2018.4.1.17 could allow a remote user to cause a temporary denial of service by sending invalid HTTP requests. IBM X-Force ID: 192906.
Ibm Datapower Gateway
445
VMScore
CVE-2021-38872
IBM DataPower Gateway 10.0.2.0, 10.0.3.0, 10.0.1.0 up to and including 10.0.1.4, and 2018.4.1.0 up to and including 2018.4.1.17 could allow a remote user to cause a denial of service by consuming resources with multiple requests. IBM X-Force ID: 208348.
Ibm Datapower Gateway 10.0.2.0
Ibm Datapower Gateway 10.0.3.0
Ibm Datapower Gateway
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5841
file upload
man-in-the-middle
arbitrary
CVE-2024-27801
CVE-2024-28020
CVE-2024-30080
CVE-2024-30069
CVE-2024-5843
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »