Vulnerability: vulnerabilities in IBM WebSphere DataPower XC10
Danger: Low
Patch: Yes
Number of vulnerabilities: 2
CVE ID: CVE-2012-5756
CVE-2012-5758
CVE-2012-5759
Vector of operation: LAN
Impact: Denial of service
Security Bypass
Affected Products: IBM WebSphere DataPower XC10 2.x
Affected versions: WebSphere DataPower XC10 2.0.0.0 – 2.0.0.3, WebSphere DataPower XC10 2.1.0.0 – 2.1.0.2
Description:
Which can be exploited by malicious people to carry out DoS-attack.
1. The vulnerability is due to the fact that a certain functional control interface available without pre-authentication. A remote user can disable certain features. (more…)