Lucene search
HistoryNov 23, 2012 - 12:09 p.m.
CVE-2012-5758
ibm
websphere
datapower
xc10
appliance
cve-2012-5758
nvd
security
vulnerability
denial of service
remote attackers
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
6.9 Medium
AI Score
Confidence
Low
0.023 Low
EPSS
Percentile
89.8%
The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and 2.1.0.0 through 2.1.0.2 does not require authentication for an unspecified interface, which allows remote attackers to cause a denial of service (process exit) via unknown vectors.
Affected configurations
Node
ibmwebsphere_datapower_xc10_applianceMatch2.0.0.0
ORibmwebsphere_datapower_xc10_applianceMatch2.0.0.1
ORibmwebsphere_datapower_xc10_applianceMatch2.0.0.2
ORibmwebsphere_datapower_xc10_applianceMatch2.0.0.3
ORibmwebsphere_datapower_xc10_applianceMatch2.1.0.0
ORibmwebsphere_datapower_xc10_applianceMatch2.1.0.1
ORibmwebsphere_datapower_xc10_applianceMatch2.1.0.2
References
Related
cvelist
cvelist
CVE-2012-5758
2012-11-23 11:00:00
prion
prion
Authentication flaw
2012-11-23 12:09:00
nvd
nvd
CVE-2012-5758
2012-11-23 12:09:57
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
6.9 Medium
AI Score
Confidence
Low
0.023 Low
EPSS
Percentile
89.8%
Related for CVE-2012-5758