CVE-2019-4621
HIGH
8,1
Source: [email protected]
Attack Vector: network
Attack Complexity: high
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
MEDIUM
6,8
Source: [email protected]
Access Vector: network
Access Complexity: medium
Authentication: none
Confidentiality: partial
Integrity: partial
Availability: partial
Description
AI Translation Available
IBM DataPower Gateway 7.6.0.0-7 throug 6.0.14 and 2018.4.1.0 through 2018.4.1.5 have a default administrator account that is enabled if the IPMI LAN channel is enabled. A remote attacker could use this account to gain unauthorised access to the BMC. IBM X-Force ID: 168883.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,0081
Percentile
0,7th
Updated
EPSS Score Trend (Last 90 Days)
1188
Initialization of a Resource with an Insecure Default
IncompleteCommon Consequences
Security Scopes Affected:
Other
Potential Impacts:
Varies By Context
Applicable Platforms
All platforms may be affected
Application
Datapower Gateway by Ibm
Version Range Affected
From
7.6.0.0
(inclusive)
To
7.6.0.14
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:ibm:datapower_gateway:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Datapower Gateway by Ibm
Version Range Affected
From
2018.4.1.0
(inclusive)
To
2018.4.1.5
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:ibm:datapower_gateway:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://exchange.xforce.ibmcloud.com/vulnerabilities/168883
https://www.ibm.com/support/pages/node/1125615
https://exchange.xforce.ibmcloud.com/vulnerabilities/168883
https://www.ibm.com/support/pages/node/1125615