5
CVSSv2

CVE-2020-5008

Published: 07/06/2021 Updated: 10/06/2021
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

IBM DataPower Gateway 10.0.0.0 up to and including 10.0.1.0 and 2018.4.1.0 up to and including 2018.4.1.14 stores sensitive information in GET request parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 193033.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

ibm datapower gateway

Github Repositories

Use at your own risk CVE-2020-5008 Exploit Windows Binary PoC /CVE-2020-5008exe will run the exploit /CVE-2020-5008exe Target IP /CVE-2020-5008exe wwwexamplecom Running the exploit on Linux Change the target IP in CVE-2020-5008sh then do: chmod +x CVE-2020-5008sh /CVE-2020-5008sh Target IP /CVE-2020-5008sh wwwexamplecom