IBM WebSphere DataPower XC10 Vulnerability Affects Remote Access Control
CVE-2014-6138

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Datapower Xc10 Appliance Firmware
Vendor: CVE Published:; 12 December 2014

What is CVE-2014-6138?

The vulnerability in the IBM WebSphere DataPower XC10 appliance allows remote authenticated users to circumvent access restrictions intended for grid data. This weakness can be exploited through unspecified vectors, enabling unauthorized access to sensitive information within the grid data. Organizations utilizing affected versions should evaluate their security posture and apply recommended patches to mitigate potential risks associated with this vulnerability.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21691035

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg1IT04614

vendor-advisoryx_refsource_AIXAPAR

https://exchange.xforce.ibmcloud.com/vulnerabilities/96852

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 12, 2014
Vulnerability Reserved
Sep 2, 2014