Posts Tagged ‘IBM WebSphere’


ibm logoTwo vulnerabilities in the IBM product WebSphere MQ

Danger level: Low
Availability Corrections: Yes
Quantity of vulnerabilities: 2

CVSSv2 Rating:

(AV: A / AC: L / Au: N / C: P / I: P / A: P / E: U / RL: O / RC: C) = Base: 5.8 / Temporal: 4.3
(AV: L / AC: L / Au: N / C: P / I: N / A: N / E: U / RL: O / RC: C) = Base: 2.1 / Temporal: 1.6

CVE ID: CVE-2014-6116; CVE-2014-4822 (more…)

IBM logoVulnerability: vulnerabilities in IBM WebSphere DataPower XC10

Danger: Low
Patch: Yes
Number of vulnerabilities: 2

CVE ID: CVE-2012-5756
CVE-2012-5758
CVE-2012-5759
Vector of operation: LAN
Impact: Denial of service
Security Bypass

Affected Products: IBM WebSphere DataPower XC10 2.x

Affected versions: WebSphere DataPower XC10 2.0.0.0 – 2.0.0.3, WebSphere DataPower XC10 2.1.0.0 – 2.1.0.2

Description:

Which can be exploited by malicious people to carry out DoS-attack.

1. The vulnerability is due to the fact that a certain functional control interface available without pre-authentication. A remote user can disable certain features. (more…)