CVE-2018-1661
published 2018-12-20CVE-2018-1661: IBM DataPower Gateways 7.5, 7.5.1, 7.5.2, and 7.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and…
high8.8CVSS 3.0
AVNACLPRNUIRSUCHIHAH
IBM DataPower Gateways 7.5, 7.5.1, 7.5.2, and 7.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 144887.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | datapower_gateway | 7.5.0.0 – 7.5.0.17 | — |
| ibm | datapower_gateway | 7.5.1.0 – 7.5.1.16 | — |
| ibm | datapower_gateway | 7.5.2.0 – 7.5.2.16 | — |
| ibm | datapower_gateway | 7.6.0.0 – 7.6.0.9 | — |
| ibm | datapower_gateways | — | — |
| ibm | datapower_gateways | — | — |
| ibm | datapower_gateways | — | — |
| ibm | datapower_gateways | — | — |