CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2014-3060

Unspecified vulnerability on the IBM WebSphere DataPower XC10 appliance 2.5 allows remote attackers to obtain administrative privileges by leveraging access to an eXtreme Scale distributed ObjectGrid network and capturing a session cookie.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.024

EPSS Ranking 84.4%

CVSS Severity

CVSS v2 Score 10.0

References

http://www-01.ibm.com/support/docview.wss?uid=swg1IT03476
http://www-01.ibm.com/support/docview.wss?uid=swg21685705
https://exchange.xforce.ibmcloud.com/vulnerabilities/93534
http://www-01.ibm.com/support/docview.wss?uid=swg1IT03476
http://www-01.ibm.com/support/docview.wss?uid=swg21685705
https://exchange.xforce.ibmcloud.com/vulnerabilities/93534

Products affected by CVE-2014-3060

Ibm » Websphere Datapower Xc10 Appliance » Version: N/A

cpe:2.3:h:ibm:websphere_datapower_xc10_appliance:-
Ibm » Websphere Datapower Xc10 Appliance Firmware » Version: 2.5.0.0

cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.5.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-3060

Products

Pricing

Contact Us