Null Login Vulnerability in IBM DataPower Gateway Appliances

Null Login Vulnerability in IBM DataPower Gateway Appliances

CVE-2018-1668 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

IBM DataPower Gateway 7.5.0.0 through 7.5.0.19, 7.5.1.0 through 7.5.1.18, 7.5.2.0 through 7.5.2.18, and 7.6.0.0 through 7.6.0.11 appliances allows "null" logins which could give read access to IPMI data to obtain sensitive information. IBM X-Force ID: 144894.

Learn more about our Web Application Penetration Testing UK.