Shodan
Maps
Images
Monitor
Developer
More...
Dashboard
View Api Docs
Vulnerabilities
By Date
Known Exploited
Advanced Search
Vulnerable Software
Vendors
Products
Vulnerability Details CVE-2014-3058
Cross-site request forgery (CSRF) vulnerability on the IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Exploit prediction scoring system (EPSS) score
EPSS Score
0.001
EPSS Ranking
28.7%
CVSS Severity
CVSS v2 Score
6.0
References
http://www-01.ibm.com/support/docview.wss?uid=swg1IT04614
http://www-01.ibm.com/support/docview.wss?uid=swg21691035
https://exchange.xforce.ibmcloud.com/vulnerabilities/93532
http://www-01.ibm.com/support/docview.wss?uid=swg1IT04614
http://www-01.ibm.com/support/docview.wss?uid=swg21691035
https://exchange.xforce.ibmcloud.com/vulnerabilities/93532
Products affected by CVE-2014-3058
Ibm
»
Websphere Datapower Xc10 Appliance Firmware
»
Version:
2.1.0.0
cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.1.0.0
Ibm
»
Websphere Datapower Xc10 Appliance Firmware
»
Version:
2.5.0.0
cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.5.0.0
Products
Monitor
Search Engine
Developer API
Maps
Bulk Data
Images
Snippets
Pricing
Membership
API Subscriptions
Enterprise
Contact Us
support@shodan.io
Shodan ® - All rights reserved