CVE-2022-31773

Summary

IBM DataPower Gateway V10CD, 10.0.1, and 2018.4.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 228357.

Affected Software

VendorProductVersion RangeStatus
IBMDataPower Gateway2018.4.1.0affected
IBMDataPower Gateway10.0.1.0affected
IBMDataPower Gateway10.0.2.0affected
IBMDataPower Gateway10.0.4.0affected
IBMDataPower Gateway2018.4.1.21affected
IBMDataPower Gateway10.0.1.8affected

Weaknesses

  • Gain Access

ADP Enrichment

CVE Program Container

Additional References

References