CVE-2020-5014

Summary

IBM DataPower Gateway V10 and V2018 could allow a local attacker with administrative privileges to execute arbitrary code on the system using a server-side requesr forgery attack. IBM X-Force ID: 193247.

Affected Software

VendorProductVersion RangeStatus
IBMDataPower Gateway2018.4.1.0affected
IBMDataPower Gateway10.0.0.0affected
IBMDataPower Gateway10.0.1.1affected
IBMDataPower Gateway2018.4.1.14affected

Weaknesses

  • Gain Access

ADP Enrichment

CVE Program Container

Additional References

References