Privilege Escalation in IBM WebSphere DataPower Appliance
CVE-2012-5759

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Datapower Xc10 Appliance
Vendor: CVE Published:; 23 November 2012

Summary

The IBM WebSphere DataPower XC10 Appliance versions 2.0.0.0 through 2.1.0.2 are susceptible to a vulnerability that allows remote authenticated users to bypass administrative-role restrictions. This could enable these users to execute arbitrary Java Management Extensions (JMX) operations, which poses significant risks to system integrity and security. Effective remediation is crucial to protect against unauthorized access and potential exploitation.

References

http://osvdb.org/87620

vdb-entryx_refsource_OSVDB

http://www-01.ibm.com/support/docview.wss?uid=swg24033740

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/80062

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Nov 23, 2012
Vulnerability Reserved
Nov 2, 2012