7.8

CVE-2012-5758

The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and 2.1.0.0 through 2.1.0.2 does not require authentication for an unspecified interface, which allows remote attackers to cause a denial of service (process exit) via unknown vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.36% 0.816
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://secunia.com/advisories/51319
http://www-01.ibm.com/support/docview.wss?uid=swg21615783
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg24033740
Vendor Advisory
http://www.securityfocus.com/bid/56617
http://www.securitytracker.com/id?1027798
http://www-01.ibm.com/support/docview.wss?uid=swg1IC86908
https://exchange.xforce.ibmcloud.com/vulnerabilities/80063