Description

IBM Datapower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.5, and 2018.4.1.0 through 2018.4.1.18 could allow unauthorized viewing of logs and files due to insufficient authorization checks. IBM X-Force ID: 218856.

Related CPE's

a

ibm

datapower_gateway

3

o

ibm

mq_appliance_m2002_firmware

2

h

ibm

mq_appliance_m2002

-

o

ibm

mq_appliance_m2001_firmware

2

h

ibm

mq_appliance_m2001

-

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/218856

VDB EntryVendor Advisory

https://www.ibm.com/support/pages/node/6560048

PatchVendor Advisory

https://www.ibm.com/support/pages/node/6608598

PatchVendor Advisory

Weaknesses

[email protected]

Primary
CWE-863

CVSS impact metrics

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

3.3 · Low

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2022-08-01T11:15:13.150

2 years ago

Last modified

2022-08-04T17:36:12.380

2 years ago