IBM DataPower Gateway 10.0.0.0

CPE Details

IBM DataPower Gateway 10.0.0.0
ibm
datapower_gateway
10.0.0.0
2020-10-23
15h30 +00:00
2020-10-23
15h30 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ibm:datapower_gateway:10.0.0.0:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

datapower_gateway

Version

10.0.0.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-5008 2021-06-07 14h05 +00:00 IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.14 stores sensitive information in GET request parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 193033.
5.3
Medium
CVE-2020-4831 2021-03-12 16h40 +00:00 IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 189965.
7.5
High
CVE-2020-5014 2021-03-08 18h00 +00:00 IBM DataPower Gateway V10 and V2018 could allow a local attacker with administrative privileges to execute arbitrary code on the system using a server-side requesr forgery attack. IBM X-Force ID: 193247.
6.7
Medium
CVE-2020-4528 2020-10-06 15h45 +00:00 IBM MQ Appliance (IBM DataPower Gateway 10.0.0.0 and 2018.4.1.0 through 2018.4.1.12) could allow a local user, under special conditions, to obtain highly sensitive information from log files. IBM X-Force ID: 182658.
5.5
Medium