CVE-2018-1666
published 2019-02-07CVE-2018-1666: IBM DataPower Gateway 2018.4.1.0, 7.6.0.0 through 7.6.0.11, 7.5.2.0 through 7.5.2.18, 7.5.1.0 through 7.5.1.18, 7.5.0.0 through 7.5.0.19, and 7.7.0.0 through…
medium4.3CVSS 3.0
AVNACLPRLUINSUCNILAN
IBM DataPower Gateway 2018.4.1.0, 7.6.0.0 through 7.6.0.11, 7.5.2.0 through 7.5.2.18, 7.5.1.0 through 7.5.1.18, 7.5.0.0 through 7.5.0.19, and 7.7.0.0 through 7.7.1.3 could allow an authenticated user to inject arbitrary messages that would be displayed on the UI. IBM X-Force ID: 144892.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | datapower_gateway | — | — |
| ibm | datapower_gateway | — | — |
| ibm | datapower_gateway | — | — |
| ibm | datapower_gateway | — | — |
| ibm | datapower_gateway | — | — |
| ibm | datapower_gateway | — | — |
| ibm | datapower_gateway | — | — |
| ibm | datapower_gateway | — | — |
| ibm | datapower_gateway | — | — |
| ibm | datapower_gateway | — | — |
| ibm | datapower_gateway | — | — |
| ibm | datapower_gateway | 7.5.0.0 – 7.5.0.19 | — |
| ibm | datapower_gateway | 7.5.1.0 – 7.5.1.18 | — |
| ibm | datapower_gateway | 7.5.2.0 – 7.5.2.18 | — |
| ibm | datapower_gateway | 7.6.0.0 – 7.6.0.11 | — |
| ibm | datapower_gateway | 7.7.0.0 – 7.7.1.3 | — |