[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248364

 
 

909

 
 

195388

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2014-6138Date: (C)2014-12-16   (M)2023-12-22


The IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows remote authenticated users to bypass intended grid-data access restrictions via unspecified vectors.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.0
Exploit Score: 8.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
  
Reference:
IT04614
http://www-01.ibm.com/support/docview.wss?uid=swg21691035
ibm-xc10-cve20146138-sec-bypass(96852)

CPE    2
cpe:/o:ibm:websphere_datapower_xc10_appliance_firmware:2.5.0.0
cpe:/o:ibm:websphere_datapower_xc10_appliance_firmware:2.1.0.0
CWE    1
CWE-200

© SecPod Technologies