Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm datapower gateway vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-5008
IBM DataPower Gateway 10.0.0.0 up to and including 10.0.1.0 and 2018.4.1.0 up to and including 2018.4.1.14 stores sensitive information in GET request parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer hea...
Ibm Datapower Gateway
5
CVSSv2
CVE-2020-4831
IBM DataPower Gateway 10.0.0.0 up to and including 10.0.1.0 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 189965.
Ibm Datapower Gateway
5
CVSSv2
CVE-2020-4579
IBM DataPower Gateway 2018.4.1.0 up to and including 2018.4.1.12 could allow a remote malicious user to cause a denial of service by sending a specially crafted HTTP/2 request with invalid characters. IBM X-Force ID: 184438.
Ibm Datapower Gateway
5
CVSSv2
CVE-2020-4580
IBM DataPower Gateway 2018.4.1.0 up to and including 2018.4.1.12 could allow a remote malicious user to cause a denial of service by sending a specially crafted a JSON request with invalid characters. IBM X-Force ID: 184439.
Ibm Datapower Gateway
5
CVSSv2
CVE-2020-4581
IBM DataPower Gateway 2018.4.1.0 up to and including 2018.4.1.12 could allow a remote malicious user to cause a denial of service by sending a chunked transfer-encoding HTTP/2 request. IBM X-Force ID: 184441.
Ibm Datapower Gateway
5
CVSSv2
CVE-2018-1668
IBM DataPower Gateway 7.5.0.0 up to and including 7.5.0.19, 7.5.1.0 up to and including 7.5.1.18, 7.5.2.0 up to and including 7.5.2.18, and 7.6.0.0 up to and including 7.6.0.11 appliances allows "null" logins which could give read access to IPMI data to obtain sensitive...
Ibm Datapower Gateway
5
CVSSv2
CVE-2018-1665
IBM DataPower Gateway 7.6.0.0 up to and including 7.6.0.10, 7.5.2.0 up to and including 7.5.2.17, 7.5.1.0 up to and including 7.5.1.17, 7.5.0.0 up to and including 7.5.0.18, and 7.7.0.0 up to and including 7.7.1.3 uses weaker than expected cryptographic algorithms that could allo...
Ibm Datapower Gateway
5
CVSSv2
CVE-2015-7427
IBM DataPower Gateway appliances with firmware 6.x prior to 6.0.0.17, 6.0.1.x prior to 6.0.1.17, 7.x prior to 7.0.0.10, 7.1.0.x prior to 7.1.0.7, and 7.2.x prior to 7.2.0.1 do not set the secure flag for unspecified cookies in an https session, which makes it easier for remote ma...
Ibm Datapower Gateway 6.0.1.16
Ibm Datapower Gateway 6.0.1.3
Ibm Datapower Gateway 7.1.0.1
Ibm Datapower Gateway 6.0.1.11
Ibm Datapower Gateway 7.0.0.5
Ibm Datapower Gateway
Ibm Datapower Gateway 6.0.1.6
Ibm Datapower Gateway 6.0.1.9
Ibm Datapower Gateway 6.0.1.0
Ibm Datapower Gateway 7.0.0.1
Ibm Datapower Gateway 7.0.0.3
Ibm Datapower Gateway 7.1.0.2
Ibm Datapower Gateway 6.0.1.8
Ibm Datapower Gateway 6.0.1.14
Ibm Datapower Gateway 6.0.1.1
Ibm Datapower Gateway 7.0.0.0
Ibm Datapower Gateway 6.0.1.7
Ibm Datapower Gateway 6.0.1.10
Ibm Datapower Gateway 7.1.0.6
Ibm Datapower Gateway 7.2.0.0
Ibm Datapower Gateway 6.0.1.4
Ibm Datapower Gateway 7.0.0.7
5
CVSSv2
CVE-2010-1612
The IBM WebSphere DataPower XML Accelerator XA35, Low Latency Appliance XM70, Integration Appliance XI50, B2B Appliance XB60, and XML Security Gateway XS40 SOA Appliances prior to 3.8.0.0, when a QLOGIC Ethernet interface is used, allow remote malicious users to cause a denial of...
Ibm Websphere Datapower Xml Accelerator Xa35
Ibm Websphere Datapower Xml Accelerator Xa35 3.7.2
Ibm Websphere Datapower Xml Accelerator Xa35 3.7.3
Ibm Websphere Datapower Xml Accelerator Xa35 3.7.3.1
Ibm Websphere Datapower Xml Accelerator Xa35 3.7.3.2
Ibm Websphere Datapower Xml Accelerator Xa35 3.7.3.3
Ibm Websphere Datapower Xml Accelerator Xa35 3.7.3.4
Ibm Websphere Datapower Xml Accelerator Xa35 3.7.3.5
Ibm Websphere Datapower Xml Accelerator Xa35 3.7.3.6
Ibm Websphere Datapower Xml Accelerator Xa35 3.7.3.7
Ibm Websphere Datapower Xml Accelerator Xa35 3.7.3.8
Ibm Websphere Datapower Xml Accelerator Xa35 3.7.3.9
Ibm Websphere Datapower Xml Accelerator Xa35 3.8.0.0
Ibm Websphere Datapower Xml Accelerator Xa35 3.8.0.1
Ibm Websphere Datapower Xml Accelerator Xa35 3.8.0.2
Ibm Websphere Datapower Xml Accelerator Xa35 3.8.0.3
Ibm Websphere Datapower Xml Accelerator Xa35 3.8.0.4
Ibm Websphere Datapower Xml Security Gateway Xs40
Ibm Websphere Datapower Xml Security Gateway Xs40 3.7.2
Ibm Websphere Datapower Xml Security Gateway Xs40 3.7.3
Ibm Websphere Datapower Xml Security Gateway Xs40 3.7.3.1
Ibm Websphere Datapower Xml Security Gateway Xs40 3.7.3.2
4.6
CVSSv2
CVE-2020-5014
IBM DataPower Gateway V10 and V2018 could allow a local attacker with administrative privileges to execute arbitrary code on the system using a server-side requesr forgery attack. IBM X-Force ID: 193247.
Ibm Datapower Gateway
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »