CVE-2018-1661

Summary

IBM DataPower Gateways 7.5, 7.5.1, 7.5.2, and 7.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 144887.

Affected Software

VendorProductVersion RangeStatus
IBMDataPower Gateways7.5affected
IBMDataPower Gateways7.5.1affected
IBMDataPower Gateways7.5.2affected
IBMDataPower Gateways7.6affected

Weaknesses

  • Gain Access

ADP Enrichment

CVE Program Container

Additional References

References