Arbitrary Message Injection Vulnerability in IBM DataPower Gateway
CVE-2018-1666 · MEDIUM Severity
AV:N/AC:L/AU:S/C:N/I:P/A:N
IBM DataPower Gateway 2018.4.1.0, 7.6.0.0 through 7.6.0.11, 7.5.2.0 through 7.5.2.18, 7.5.1.0 through 7.5.1.18, 7.5.0.0 through 7.5.0.19, and 7.7.0.0 through 7.7.1.3 could allow an authenticated user to inject arbitrary messages that would be displayed on the UI. IBM X-Force ID: 144892.
Learn more about our User Device Pen Test.