Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm datapower gateway vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2020-4528
IBM MQ Appliance (IBM DataPower Gateway 10.0.0.0 and 2018.4.1.0 up to and including 2018.4.1.12) could allow a local user, under special conditions, to obtain highly sensitive information from log files. IBM X-Force ID: 182658.
Ibm Datapower Gateway 10.0.0.0
Ibm Datapower Gateway
8.8
CVSSv3
CVE-2018-1661
IBM DataPower Gateways 7.5, 7.5.1, 7.5.2, and 7.6 is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 144887.
Ibm Datapower Gateway
7.5
CVSSv3
CVE-2018-1665
IBM DataPower Gateway 7.6.0.0 up to and including 7.6.0.10, 7.5.2.0 up to and including 7.5.2.17, 7.5.1.0 up to and including 7.5.1.17, 7.5.0.0 up to and including 7.5.0.18, and 7.7.0.0 up to and including 7.7.1.3 uses weaker than expected cryptographic algorithms that could allo...
Ibm Datapower Gateway
5.4
CVSSv3
CVE-2018-1667
IBM DataPower Gateway 7.6.0.0 up to and including 7.6.0.10, 7.5.2.0 up to and including 7.5.2.17, 7.5.1.0 up to and including 7.5.1.17, 7.5.0.0 up to and including 7.5.0.18, and 7.7.0.0 up to and including 7.7.1.3 is vulnerable to cross-site scripting. This vulnerability allows u...
Ibm Datapower Gateway
7.5
CVSSv3
CVE-2018-1668
IBM DataPower Gateway 7.5.0.0 up to and including 7.5.0.19, 7.5.1.0 up to and including 7.5.1.18, 7.5.2.0 up to and including 7.5.2.18, and 7.6.0.0 up to and including 7.6.0.11 appliances allows "null" logins which could give read access to IPMI data to obtain sensitive...
Ibm Datapower Gateway
4.9
CVSSv3
CVE-2020-4203
IBM DataPower Gateway 2018.4.1.0 up to and including 2018.4.1.8 could potentially disclose highly sensitive information to a privileged user due to improper access controls. IBM X-Force ID: 174956.
Ibm Datapower Gateway
6.3
CVSSv3
CVE-2020-4205
IBM DataPower Gateway 2018.4.1.0 up to and including 2018.4.1.8 could allow an authenticated user to bypass security restrictions, and continue to access the server even after authentication certificates have been revolked. IBM X-Force ID: 174961.
Ibm Datapower Gateway
4
CVSSv3
CVE-2017-1773
IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 could allow an attacker using man-in-the-middle techniques to spoof DNS responses to perform DNS cache poisoning and redirect Internet traffic. IBM X-Force ID: 136817.
Ibm Datapower Gateway
7.1
CVSSv3
CVE-2018-1421
IBM WebSphere DataPower Appliances 7.1, 7.2, 7.5, 7.5.1, 7.5.2, and 7.6 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Fo...
Ibm Datapower Gateway
NA
CVE-2015-7412
The GatewayScript modules on IBM DataPower Gateways with software 7.2.0.x prior to 7.2.0.1, when the GatewayScript decryption API or a JWE decrypt action is enabled, do not require signed ciphertext data, which makes it easier for remote malicious users to obtain plaintext data v...
Ibm Datapower Gateway
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »