Information Disclosure Vulnerability in IBM WebSphere DataPower XC10 Appliance
CVE-2014-6143

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Datapower Xc10 Appliance Firmware
Vendor: CVE Published:; 11 December 2014

Summary

The IBM WebSphere DataPower XC10 appliance, specifically versions 2.1 and 2.5 prior to FP4, contains an information disclosure vulnerability that allows local users to access sensitive information by reading a response. This could potentially lead to unauthorized access to confidential data.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/96913

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21691035

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg1IT04614

vendor-advisoryx_refsource_AIXAPAR

Timeline

Vulnerability published
Dec 11, 2014
Vulnerability Reserved
Sep 2, 2014