CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2014-3060
https://notcve.org/view.php?id=CVE-2014-3060
Unspecified vulnerability on the IBM WebSphere DataPower XC10 appliance 2.5 allows remote attackers to obtain administrative privileges by leveraging access to an eXtreme Scale distributed ObjectGrid network and capturing a session cookie. Vulnerabilidad no especificada en IBM WebSphere DataPower XC10 2.5 permite a atacantes remotos obtener privilegios de administración mediante el aprovechamiento del acceso a una red eXtreme Scale Distributed ObjectGrid y la captura de una cookie de sesión. • http://www-01.ibm.com/support/docview.wss?uid=swg1IT03476 http://www-01.ibm.com/support/docview.wss?uid=swg21685705 https://exchange.xforce.ibmcloud.com/vulnerabilities/93534 •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2014-3059
https://notcve.org/view.php?id=CVE-2014-3059
Unspecified vulnerability in the Administrative Console on the IBM WebSphere DataPower XC10 appliance 2.5 allows remote attackers to obtain administrative privileges by leveraging access to an eXtreme Scale distributed ObjectGrid network. Vulnerabilidad no especificada en la consola de administración en IBM WebSphere DataPower XC10 2.5 permite a atacantes remotos obtener privilegios de administración mediante el aprovechamiento del acceso a una red de eXtreme Scale Distributed ObjectGrid. • http://www-01.ibm.com/support/docview.wss?uid=swg1IT03476 http://www-01.ibm.com/support/docview.wss?uid=swg21685705 https://exchange.xforce.ibmcloud.com/vulnerabilities/93533 •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2013-5446
https://notcve.org/view.php?id=CVE-2013-5446
The console on IBM WebSphere DataPower XC10 appliances 2.1.0 and 2.5.0 does not properly process logoff actions, which has unspecified impact and remote attack vectors. La consola en IBM WebSphere DataPower XC10 appliances 2.1.0 y 2.5.0 no procesa adecuadamente acciones de cierre de sesión, el cual tiene un impacto sin especificar y vectores de ataque remotos. • http://www-01.ibm.com/support/docview.wss?uid=swg1IC93164 http://www-01.ibm.com/support/docview.wss?uid=swg1IC96617 http://www.ibm.com/support/docview.wss?uid=swg21653546 https://exchange.xforce.ibmcloud.com/vulnerabilities/87910 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2013-5428
https://notcve.org/view.php?id=CVE-2013-5428
IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers to cause a denial of service via unspecified vectors. IBM WebSphere DataPower XC10 2.5.0 no requiere autenticación para todas las acciones administrativas, lo que permite a atacantes remotos causar una denegación de servicio a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1IC93164 http://www-01.ibm.com/support/docview.wss?uid=swg1IC96617 http://www.ibm.com/support/docview.wss?uid=swg21653546 https://exchange.xforce.ibmcloud.com/vulnerabilities/87560 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 0%CPEs: 11EXPL: 0CVE-2013-5403
https://notcve.org/view.php?id=CVE-2013-5403
Unspecified vulnerability on the IBM WebSphere DataPower XC10 appliance 2.0 through 2.5.0.1 allows remote attackers to obtain administrative access via unknown vectors. Vulnerabilidad no especificada en IBM WebSphere DataPower XC10 appliance v2.0 hasta v2.5.0.1 permite a atacantes remotos conseguir acceso administrativo a través de vectores desconocidos. • http://www-01.ibm.com/support/docview.wss?uid=swg1IC96174 http://www.ibm.com/support/docview.wss?uid=swg21651098 https://exchange.xforce.ibmcloud.com/vulnerabilities/87299 •