Ibm Application Gateway — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Application Gateway, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2024-28787 — CVSS 8.7 (high): IBM Security Verify Access 10.0.0 through 10.0.7 and IBM Application Gateway 20.01 through 24.03 could allow a remote attacker to obtain…
CVE-2021-20576 — CVSS 7.5 (high): IBM Security Verify Access 20.07 could allow a remote attacker to send a specially crafted HTTP GET request that could cause the…
CVE-2024-45655 — CVSS 5.5 (medium): IBM Application Gateway 19.12 through 24.09 could allow a local privileged user to perform unauthorized actions due to incorrect…
CVE-2022-22387 — CVSS 5.4 (medium): IBM Application Gateway is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the…
CVE-2025-36396 — CVSS 5.4 (medium): IBM Application Gateway 23.10 through 25.09 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed…
CVE-2025-36397 — CVSS 5.4 (medium): IBM Application Gateway 23.10 through 25.09 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when…
CVE-2021-20575 — CVSS 3.3 (low): IBM Security Verify Access 20.07 allows web pages to be stored locally which can be read by another user on the system. X-Force ID: 199278.