Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm websphere datapower xc10 appliance - vulnerabilities and exploits
(subscribe to this query)
4.4
CVSSv3
CVE-2015-7418
IBM WebSphere eXtreme Scale and the WebSphere DataPower XC10 Appliance allow some sensitive data to linger in memory instead of being overwritten which could allow a local user with administrator privileges to obtain sensitive information.
Ibm Websphere Extreme Scale 7.1.0
Ibm Websphere Extreme Scale 7.1.1
Ibm Websphere Extreme Scale 8.5
Ibm Websphere Extreme Scale 8.6
NA
CVE-2015-1970
The IBM WebSphere DataPower XC10 appliance 2.1 up to and including 2.1.0.3 and 2.5 up to and including 2.5.0.4 retains data on SSD cards, which might allow physically proximate malicious users to obtain sensitive information by extracting a card and attaching it elsewhere.
Ibm Websphere Datapower Xc10 Appliance Firmware 2.1.0.0
Ibm Websphere Datapower Xc10 Appliance Firmware 2.1.0.1
Ibm Websphere Datapower Xc10 Appliance Firmware 2.1.0.2
Ibm Websphere Datapower Xc10 Appliance Firmware 2.1.0.3
Ibm Websphere Datapower Xc10 Appliance Firmware 2.5.0.4
Ibm Websphere Datapower Xc10 Appliance Firmware 2.5.0.1
Ibm Websphere Datapower Xc10 Appliance Firmware 2.5.0.3
Ibm Websphere Datapower Xc10 Appliance Firmware 2.5.0.0
Ibm Websphere Datapower Xc10 Appliance Firmware 2.5.0.2
NA
CVE-2015-1893
The IBM WebSphere DataPower XC10 appliance 2.1 prior to 2.1.0.3 allows remote malicious users to hijack the sessions of arbitrary users, and consequently obtain sensitive information or modify data, via unspecified vectors.
Ibm Websphere Datapower Xc10 Appliance Firmware 2.1.0.1
Ibm Websphere Datapower Xc10 Appliance Firmware 2.1.0.0
Ibm Websphere Datapower Xc10 Appliance Firmware 2.1.0.2
NA
CVE-2014-6138
The IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows remote authenticated users to bypass intended grid-data access restrictions via unspecified vectors.
Ibm Websphere Datapower Xc10 Appliance Firmware 2.1.0.0
Ibm Websphere Datapower Xc10 Appliance Firmware 2.5.0.0
NA
CVE-2014-6163
Cross-site scripting (XSS) vulnerability on the IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Ibm Websphere Datapower Xc10 Appliance Firmware 2.5.0.0
Ibm Websphere Datapower Xc10 Appliance Firmware 2.1.0.0
NA
CVE-2014-6143
The IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows local users to obtain sensitive information by reading a response.
Ibm Websphere Datapower Xc10 Appliance Firmware 2.1.0.0
Ibm Websphere Datapower Xc10 Appliance Firmware 2.5.0.0
NA
CVE-2014-3058
Cross-site request forgery (CSRF) vulnerability on the IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Ibm Websphere Datapower Xc10 Appliance Firmware 2.1.0.0
Ibm Websphere Datapower Xc10 Appliance Firmware 2.5.0.0
NA
CVE-2014-3060
Unspecified vulnerability on the IBM WebSphere DataPower XC10 appliance 2.5 allows remote malicious users to obtain administrative privileges by leveraging access to an eXtreme Scale distributed ObjectGrid network and capturing a session cookie.
Ibm Websphere Datapower Xc10 Appliance Firmware 2.5.0.0
Ibm Websphere Datapower Xc10 Appliance -
NA
CVE-2014-3059
Unspecified vulnerability in the Administrative Console on the IBM WebSphere DataPower XC10 appliance 2.5 allows remote malicious users to obtain administrative privileges by leveraging access to an eXtreme Scale distributed ObjectGrid network.
Ibm Websphere Datapower Xc10 Appliance Firmware 2.5.0.0
Ibm Websphere Datapower Xc10 Appliance -
NA
CVE-2013-5403
Unspecified vulnerability on the IBM WebSphere DataPower XC10 appliance 2.0 up to and including 2.5.0.1 allows remote malicious users to obtain administrative access via unknown vectors.
Ibm Websphere Datapower Xc10 Appliance Firmware 2.0.0.2
Ibm Websphere Datapower Xc10 Appliance Firmware 2.0.0.3
Ibm Websphere Datapower Xc10 Appliance Firmware 2.5.0.0
Ibm Websphere Datapower Xc10 Appliance Firmware 2.5.0.1
Ibm Websphere Datapower Xc10 Appliance Firmware 2.1.0.2
Ibm Websphere Datapower Xc10 Appliance Firmware 2.1.0.3
Ibm Websphere Datapower Xc10 Appliance Firmware 2.0.0.0
Ibm Websphere Datapower Xc10 Appliance Firmware 2.0.0.1
Ibm Websphere Datapower Xc10 Appliance Firmware 2.1.0.0
Ibm Websphere Datapower Xc10 Appliance Firmware 2.1.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »