CVE-2018-1668

Summary

IBM DataPower Gateway 7.5.0.0 through 7.5.0.19, 7.5.1.0 through 7.5.1.18, 7.5.2.0 through 7.5.2.18, and 7.6.0.0 through 7.6.0.11 appliances allows "null" logins which could give read access to IPMI data to obtain sensitive information. IBM X-Force ID: 144894.

Affected Software

VendorProductVersion RangeStatus
IBMDataPower Gateway7.6.0.0affected
IBMDataPower Gateway7.5.2.0affected
IBMDataPower Gateway7.5.1.0affected
IBMDataPower Gateway7.5.0.0affected
IBMDataPower Gateway7.5.0.19affected
IBMDataPower Gateway7.5.1.18affected
IBMDataPower Gateway7.5.2.18affected
IBMDataPower Gateway7.6.0.11affected

Weaknesses

  • Obtain Information

ADP Enrichment

CVE Program Container

Additional References

References