Ibm Websphere Datapower Xc10 Appliance — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Websphere Datapower Xc10 Appliance, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2013-5446 — CVSS 10.0 (critical): The console on IBM WebSphere DataPower XC10 appliances 2.1.0 and 2.5.0 does not properly process logoff actions, which has unspecified…
CVE-2014-3060 — CVSS 10.0 (critical): Unspecified vulnerability on the IBM WebSphere DataPower XC10 appliance 2.5 allows remote attackers to obtain administrative privileges by…
CVE-2014-3059 — CVSS 10.0 (critical): Unspecified vulnerability in the Administrative Console on the IBM WebSphere DataPower XC10 appliance 2.5 allows remote attackers to obtain…
CVE-2013-0600 — CVSS 9.3 (critical): Unspecified vulnerability on IBM WebSphere DataPower XC10 Appliance devices 2.0 and 2.1 through 2.1 FP3 allows remote attackers to bypass…
CVE-2012-5759 — CVSS 9.0 (critical): The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and 2.1.0.0 through 2.1.0.2 allows remote authenticated users to bypass…
CVE-2012-5758 — CVSS 7.8 (high): The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and 2.1.0.0 through 2.1.0.2 does not require authentication for an…
CVE-2013-5428 — CVSS 7.1 (high): IBM WebSphere DataPower XC10 appliances 2.5.0 do not require authentication for all administrative actions, which allows remote attackers…
CVE-2012-5756 — CVSS 4.3 (medium): The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and 2.1.0.0 through 2.1.0.2, when a collective configuration is enabled…
CVE-2013-0499 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the echo functionality on IBM WebSphere DataPower SOA appliances with firmware 3.8.2, 4.0…