Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm datapower gateway vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-4581
IBM DataPower Gateway 2018.4.1.0 up to and including 2018.4.1.12 could allow a remote malicious user to cause a denial of service by sending a chunked transfer-encoding HTTP/2 request. IBM X-Force ID: 184441.
Ibm Datapower Gateway
6.8
CVSSv2
CVE-2019-4621
IBM DataPower Gateway 7.6.0.0-7 throug 6.0.14 and 2018.4.1.0 up to and including 2018.4.1.5 have a default administrator account that is enabled if the IPMI LAN channel is enabled. A remote attacker could use this account to gain unauthorised access to the BMC. IBM X-Force ID: 16...
Ibm Datapower Gateway
5
CVSSv2
CVE-2020-5008
IBM DataPower Gateway 10.0.0.0 up to and including 10.0.1.0 and 2018.4.1.0 up to and including 2018.4.1.14 stores sensitive information in GET request parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer hea...
Ibm Datapower Gateway
4.6
CVSSv2
CVE-2020-5014
IBM DataPower Gateway V10 and V2018 could allow a local attacker with administrative privileges to execute arbitrary code on the system using a server-side requesr forgery attack. IBM X-Force ID: 193247.
Ibm Datapower Gateway
1 Github repository
4
CVSSv2
CVE-2020-4203
IBM DataPower Gateway 2018.4.1.0 up to and including 2018.4.1.8 could potentially disclose highly sensitive information to a privileged user due to improper access controls. IBM X-Force ID: 174956.
Ibm Datapower Gateway
6.5
CVSSv2
CVE-2020-4205
IBM DataPower Gateway 2018.4.1.0 up to and including 2018.4.1.8 could allow an authenticated user to bypass security restrictions, and continue to access the server even after authentication certificates have been revolked. IBM X-Force ID: 174961.
Ibm Datapower Gateway
NA
CVE-2022-40228
IBM DataPower Gateway 10.0.3.0 up to and including 10.0.4.0, 10.0.1.0 up to and including 10.0.1.9, 2018.4.1.0 up to and including 2018.4.1.22, and 10.5.0.0 up to and including 10.5.0.2 does not invalidate session after a password change which could allow an authenticated user t...
Ibm Datapower Gateway
2.1
CVSSv2
CVE-2018-1652
IBM DataPower Gateway 7.1.0.0 up to and including 7.1.0.19, 7.2.0.0 up to and including 7.2.0.16, 7.5.0.0 up to and including 7.5.0.10, 7.5.1.0 up to and including 7.5.1.9, 7.5.2.0 up to and including 7.5.2.9, and 7.6.0.0 up to and including 7.6.0.2 and IBM MQ Appliance 8.0.0.0 u...
Ibm Datapower Gateway
Ibm Mq Appliance
7.2
CVSSv2
CVE-2019-4294
IBM DataPower Gateway 2018.4.1.0 up to and including 2018.4.1.6, 7.6.0.0 up to and including 7.6.0.15 and IBM MQ Appliance 8.0.0.0 up to and including 8.0.0.12, 9.1.0.0 up to and including 9.1.0.2, and 9.1.1 up to and including 9.1.2 could allow a local malicious user to execute ...
Ibm Mq Appliance
Ibm Datapower Gateway
7.8
CVSSv2
CVE-2009-0120
The IBM WebSphere DataPower XML Security Gateway XS40 with firmware 3.6.1.5 allows remote malicious users to cause a denial of service (device reboot) by sending data over an established SSL connection, as demonstrated by the abc\r\n\r\n string data.
Ibm Websphere Datapower Xml Security Gateway Xs40 3.6.1.5
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »