Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
datapower gateway vulnerabilities and exploits
(subscribe to this query)
1.9
CVSSv2
CVE-2020-4528
IBM MQ Appliance (IBM DataPower Gateway 10.0.0.0 and 2018.4.1.0 up to and including 2018.4.1.12) could allow a local user, under special conditions, to obtain highly sensitive information from log files. IBM X-Force ID: 182658.
Ibm Datapower Gateway 10.0.0.0
Ibm Datapower Gateway
2.1
CVSSv2
CVE-2018-1664
IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5.0.0 - 7.5.0.16, 7.5.1.0 - 7.5.1.15, 7.5.2.0 - 7.5.2.15, and 7.6.0.0 - 7.6.0.8 as well as IBM DataPower Gateway CD 7.7.0.0 - 7.7.1.2 echoing of AMP management interface authorization headers exposes login credential...
Ibm Datapower Gateway
5
CVSSv2
CVE-2018-1665
IBM DataPower Gateway 7.6.0.0 up to and including 7.6.0.10, 7.5.2.0 up to and including 7.5.2.17, 7.5.1.0 up to and including 7.5.1.17, 7.5.0.0 up to and including 7.5.0.18, and 7.7.0.0 up to and including 7.7.1.3 uses weaker than expected cryptographic algorithms that could allo...
Ibm Datapower Gateway
3.5
CVSSv2
CVE-2018-1667
IBM DataPower Gateway 7.6.0.0 up to and including 7.6.0.10, 7.5.2.0 up to and including 7.5.2.17, 7.5.1.0 up to and including 7.5.1.17, 7.5.0.0 up to and including 7.5.0.18, and 7.7.0.0 up to and including 7.7.1.3 is vulnerable to cross-site scripting. This vulnerability allows u...
Ibm Datapower Gateway
5.5
CVSSv2
CVE-2018-1669
IBM DataPower Gateway 7.1.0.0 - 7.1.0.23, 7.2.0.0 - 7.2.0.21, 7.5.0.0 - 7.5.0.16, 7.5.1.0 - 7.5.1.15, 7.5.2.0 - 7.5.2.15, and 7.6.0.0 - 7.6.0.8 as well as IBM DataPower Gateway CD 7.7.0.0 - 7.7.1.2 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML...
Ibm Datapower Gateway
4.3
CVSSv2
CVE-2017-1773
IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 could allow an attacker using man-in-the-middle techniques to spoof DNS responses to perform DNS cache poisoning and redirect Internet traffic. IBM X-Force ID: 136817.
Ibm Datapower Gateway
5
CVSSv2
CVE-2020-4831
IBM DataPower Gateway 10.0.0.0 up to and including 10.0.1.0 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 189965.
Ibm Datapower Gateway
4.3
CVSSv2
CVE-2020-4992
IBM DataPower Gateway 2018.4.1.0 up to and including 2018.4.1.16 is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 192737.
Ibm Datapower Gateway
5
CVSSv2
CVE-2020-4994
IBM DataPower Gateway 10.0.1.0 up to and including 10.0.1.4 and 2018.4.1.0 up to and including 2018.4.1.17 could allow a remote user to cause a temporary denial of service by sending invalid HTTP requests. IBM X-Force ID: 192906.
Ibm Datapower Gateway
5
CVSSv2
CVE-2020-5008
IBM DataPower Gateway 10.0.0.0 up to and including 10.0.1.0 and 2018.4.1.0 up to and including 2018.4.1.14 stores sensitive information in GET request parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer hea...
Ibm Datapower Gateway
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »