var-201812-0384
Vulnerability from variot
IBM DataPower Gateways 7.5, 7.5.1, 7.5.2, and 7.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 144887. IBM DataPower Gateway Contains a cross-site scripting vulnerability. Vendors have confirmed this vulnerability IBM X-Force ID: 144887 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Exploiting this issue may allow a remote attacker to perform certain unauthorized actions in the context of the affected application. Other attacks are also possible. The following versions of product are vilnerable: IBM DataPower Gateway 7.6.0.0 through 7.6.0.9 IBM DataPower Gateway 7.5.2.0 through 7.5.2.16 IBM DataPower Gateway 7.5.1.0 through 7.5.1.16 IBM DataPower Gateway 7.5.0.0 through 7.5.0.17. IBM DataPower Gateway is the United States IBM The company's set of dedicated to mobile, cloud, application programming interface ( API ), network, service-oriented architecture ( SOA ), B2B A secure and integrated platform designed for cloud and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform. The following versions are affected: IBM DataPower Gateways 7.6.0.0 version to 7.6.0.9 Version, 7.5.2.0 version to 7.5.2.16 Version, 7.5.1.0 version to 7.5.1.16 Version, 7.5.0.0 version to 7.5.0.17 Version
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201812-0384",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.9"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.2.16"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.0.17"
},
{
"model": "datapower gateway",
"scope": "lte",
"trust": 1.0,
"vendor": "ibm",
"version": "7.5.1.16"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.1"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.5.2"
},
{
"model": "datapower gateway",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "7.6"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.6"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.15"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.12"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.8"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.15"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.14"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.12"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.0"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.9"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.5"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.4"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.3"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.2"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.16"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.15"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.14"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.13"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.10"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.1"
},
{
"model": "datapower gateways",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.0"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.6.0.10"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.2.17"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.1.17"
},
{
"model": "datapower gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.5.0.18"
}
],
"sources": [
{
"db": "BID",
"id": "106329"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012921"
},
{
"db": "NVD",
"id": "CVE-2018-1661"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ibm:datapower_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.5.1.16",
"versionStartIncluding": "7.5.1.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:datapower_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.5.2.16",
"versionStartIncluding": "7.5.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:datapower_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.6.0.9",
"versionStartIncluding": "7.6.0.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:datapower_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "7.5.0.17",
"versionStartIncluding": "7.5.0.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1661"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Srinivasarao Kotipalli and Jeremy Soh.",
"sources": [
{
"db": "BID",
"id": "106329"
}
],
"trust": 0.3
},
"cve": "CVE-2018-1661",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-1661",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-126986",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "psirt@us.ibm.com",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-1661",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-1661",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2018-1661",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201812-816",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-126986",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126986"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012921"
},
{
"db": "NVD",
"id": "CVE-2018-1661"
},
{
"db": "NVD",
"id": "CVE-2018-1661"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-816"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateways 7.5, 7.5.1, 7.5.2, and 7.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 144887. IBM DataPower Gateway Contains a cross-site scripting vulnerability. Vendors have confirmed this vulnerability IBM X-Force ID: 144887 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. \nExploiting this issue may allow a remote attacker to perform certain unauthorized actions in the context of the affected application. Other attacks are also possible. \nThe following versions of product are vilnerable:\nIBM DataPower Gateway 7.6.0.0 through 7.6.0.9\nIBM DataPower Gateway 7.5.2.0 through 7.5.2.16\nIBM DataPower Gateway 7.5.1.0 through 7.5.1.16\nIBM DataPower Gateway 7.5.0.0 through 7.5.0.17. IBM DataPower Gateway is the United States IBM The company\u0027s set of dedicated to mobile, cloud, application programming interface ( API ), network, service-oriented architecture ( SOA ), B2B A secure and integrated platform designed for cloud and cloud workloads. The platform secures, integrates and optimizes access across channels with a dedicated gateway platform. The following versions are affected: IBM DataPower Gateways 7.6.0.0 version to 7.6.0.9 Version, 7.5.2.0 version to 7.5.2.16 Version, 7.5.1.0 version to 7.5.1.16 Version, 7.5.0.0 version to 7.5.0.17 Version",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1661"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012921"
},
{
"db": "BID",
"id": "106329"
},
{
"db": "VULHUB",
"id": "VHN-126986"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-1661",
"trust": 2.8
},
{
"db": "BID",
"id": "106329",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012921",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201812-816",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2019.0545",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-126986",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126986"
},
{
"db": "BID",
"id": "106329"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012921"
},
{
"db": "NVD",
"id": "CVE-2018-1661"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-816"
}
]
},
"id": "VAR-201812-0384",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-126986"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:09:38.210000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "0744189",
"trust": 0.8,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10744189"
},
{
"title": "ibm-websphere-cve20181661-csrf (144887)",
"trust": 0.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144887"
},
{
"title": "IBM DataPower Gateway Fixes for cross-site request forgery vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=88012"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012921"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-816"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126986"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012921"
},
{
"db": "NVD",
"id": "CVE-2018-1661"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/106329"
},
{
"trust": 1.7,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10744189"
},
{
"trust": 1.7,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/144887"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1661"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1661"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss"
},
{
"trust": 0.6,
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10739235"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/75930"
},
{
"trust": 0.3,
"url": "https://www.ibm.com"
},
{
"trust": 0.3,
"url": "https://www.ibm.com/in-en/products/datapower-gateway/details"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10744189"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-126986"
},
{
"db": "BID",
"id": "106329"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012921"
},
{
"db": "NVD",
"id": "CVE-2018-1661"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-816"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-126986"
},
{
"db": "BID",
"id": "106329"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-012921"
},
{
"db": "NVD",
"id": "CVE-2018-1661"
},
{
"db": "CNNVD",
"id": "CNNVD-201812-816"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-12-20T00:00:00",
"db": "VULHUB",
"id": "VHN-126986"
},
{
"date": "2018-12-12T00:00:00",
"db": "BID",
"id": "106329"
},
{
"date": "2019-02-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012921"
},
{
"date": "2018-12-20T14:29:00.230000",
"db": "NVD",
"id": "CVE-2018-1661"
},
{
"date": "2018-12-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-816"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-126986"
},
{
"date": "2018-12-12T00:00:00",
"db": "BID",
"id": "106329"
},
{
"date": "2019-02-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-012921"
},
{
"date": "2019-10-09T23:38:50.163000",
"db": "NVD",
"id": "CVE-2018-1661"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201812-816"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-816"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM DataPower Gateway Vulnerable to cross-site scripting",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-012921"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201812-816"
}
],
"trust": 0.6
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.