Information Disclosure Vulnerability in IBM WebSphere DataPower XC10 Appliance
CVE-2014-6143

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Datapower Xc10 Appliance Firmware
Vendor: CVE Published:; 11 December 2014

What is CVE-2014-6143?

The IBM WebSphere DataPower XC10 appliance, specifically versions 2.1 and 2.5 prior to FP4, contains an information disclosure vulnerability that allows local users to access sensitive information by reading a response. This could potentially lead to unauthorized access to confidential data.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/96913

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21691035

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg1IT04614

vendor-advisoryx_refsource_AIXAPAR

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 11, 2014
Vulnerability Reserved
Sep 2, 2014