IBM DataPower Gateway 7.6.0.11

CPE Details

IBM DataPower Gateway 7.6.0.11
ibm
datapower_gateway
7.6.0.11
2019-09-19
12h30 +00:00
2019-09-19
12h30 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ibm:datapower_gateway:7.6.0.11:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

datapower_gateway

Version

7.6.0.11

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2019-4621 2019-12-09 22h30 +00:00 IBM DataPower Gateway 7.6.0.0-7 throug 6.0.14 and 2018.4.1.0 through 2018.4.1.5 have a default administrator account that is enabled if the IPMI LAN channel is enabled. A remote attacker could use this account to gain unauthorised access to the BMC. IBM X-Force ID: 168883.
9.8
Critical
CVE-2019-4294 2019-08-20 18h25 +00:00 IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.6, 7.6.0.0 through 7.6.0.15 and IBM MQ Appliance 8.0.0.0 through 8.0.0.12, 9.1.0.0 through 9.1.0.2, and 9.1.1 through 9.1.2 could allow a local attacker to execute arbitrary commands on the system, caused by a command injection vulnerability. IBM X-Force ID: 16188.
7.8
High
CVE-2018-1666 2019-02-07 16h00 +00:00 IBM DataPower Gateway 2018.4.1.0, 7.6.0.0 through 7.6.0.11, 7.5.2.0 through 7.5.2.18, 7.5.1.0 through 7.5.1.18, 7.5.0.0 through 7.5.0.19, and 7.7.0.0 through 7.7.1.3 could allow an authenticated user to inject arbitrary messages that would be displayed on the UI. IBM X-Force ID: 144892.
4.3
Medium
CVE-2018-1668 2019-01-29 16h00 +00:00 IBM DataPower Gateway 7.5.0.0 through 7.5.0.19, 7.5.1.0 through 7.5.1.18, 7.5.2.0 through 7.5.2.18, and 7.6.0.0 through 7.6.0.11 appliances allows "null" logins which could give read access to IPMI data to obtain sensitive information. IBM X-Force ID: 144894.
7.5
High