IBM DataPower Gateway 7.7.0.0

CPE Details

IBM DataPower Gateway 7.7.0.0
ibm
datapower_gateway
7.7.0.0
2019-09-19
12h30 +00:00
2019-09-19
12h30 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ibm:datapower_gateway:7.7.0.0:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

datapower_gateway

Version

7.7.0.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2018-1666 2019-02-07 16h00 +00:00 IBM DataPower Gateway 2018.4.1.0, 7.6.0.0 through 7.6.0.11, 7.5.2.0 through 7.5.2.18, 7.5.1.0 through 7.5.1.18, 7.5.0.0 through 7.5.0.19, and 7.7.0.0 through 7.7.1.3 could allow an authenticated user to inject arbitrary messages that would be displayed on the UI. IBM X-Force ID: 144892.
4.3
Medium
CVE-2018-1677 2018-12-20 14h00 +00:00 IBM DataPower Gateways 7.1, 7.2, 7.5, 7.5.1, 7.5.2, 7.6, and 7.7 and IBM MQ Appliance are vulnerable to a denial of service, caused by the improper handling of full file system. A local attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 145171.
5.5
Medium
CVE-2018-1665 2018-12-13 16h00 +00:00 IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1.17, 7.5.0.0 through 7.5.0.18, and 7.7.0.0 through 7.7.1.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 144891.
7.5
High
CVE-2018-1667 2018-12-13 16h00 +00:00 IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1.17, 7.5.0.0 through 7.5.0.18, and 7.7.0.0 through 7.7.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 144893.
5.4
Medium