Описание
The IBM WebSphere DataPower XC10 appliance 2.1 through 2.1.0.3 and 2.5 through 2.5.0.4 retains data on SSD cards, which might allow physically proximate attackers to obtain sensitive information by extracting a card and attaching it elsewhere.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.1.0.0:*:*:*:*:*:*:*
cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.1.0.1:*:*:*:*:*:*:*
cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.1.0.2:*:*:*:*:*:*:*
cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.1.0.3:*:*:*:*:*:*:*
cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.5.0.0:*:*:*:*:*:*:*
cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.5.0.1:*:*:*:*:*:*:*
cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.5.0.2:*:*:*:*:*:*:*
cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.5.0.3:*:*:*:*:*:*:*
cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.5.0.4:*:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00057
Низкий
2.1 Low
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
The IBM WebSphere DataPower XC10 appliance 2.1 through 2.1.0.3 and 2.5 through 2.5.0.4 retains data on SSD cards, which might allow physically proximate attackers to obtain sensitive information by extracting a card and attaching it elsewhere.
EPSS
Процентиль: 18%
0.00057
Низкий
2.1 Low
CVSS2
Дефекты
CWE-200