IBM Support

2021年に公開された DataPower に関する脆弱性情報

Question & Answer


Question

2021年に公開されたDataPower に関連する脆弱性情報はありますか?

Answer

2021年に公開された DataPower 関連の脆弱性情報は以下のとおりです。(2021/09/14更新)
修正が含まれるFix Pack/Firmwareの導入をお勧めいたします。
公開日 タイトル
CVSS
基本値
 修正が含まれるfixレベル
2021/09/10/ Security Bulletin: Multiple vulnerabilities in ICU libraries used in IBM DataPower Gateway 9.8
IBM
10.0.3.0
DataPower Gateway
10.0.1.4
2018.4.1.17
2021/08/19 Security Bulletin: IBM DataPower Gateway vulnerable to a DoS 7.5
IBM
10.0.3.0
DataPower Gateway 10.0.1.4
2021/08/19 Security Bulletin: Update Secure Gateway Client in IBM DataPower Gateway to address several CVEs 7.5
IBM
10.0.3.0
DataPower Gateway
10.0.1.4
2018.4.1.17
2021/08/16 Security Bulletin: IBM DataPower Gateway potentially vulnerable to CSRF attack 4.3
IBM
2018.4.1.17
DataPower Gateway
2021/08/16 Security Bulletin: IBM DataPower Gateway vulnerable to a DoS 7.5
IBM
2018.4.1.17 
DataPower Gateway
2021/08/16 Security Bulletin: Potential DoS in IBM DataPower Gateway 7.5
IBM
10.0.3.0
DataPower Gateway 10.0.1.4
2021/08/16 Security Bulletin: Prototype pollution flaw in y18n in IBM DataPower Gateway 7.3
IBM
 10.0.1.4
DataPower Gateway 2018.4.1.17
2021/08/16 Security Bulletin: Vulnerabilities in Node.js in IBM DataPower Gateway 7.5
IBM
10.0.3.0
DataPower Gateway
10.0.1.4
2018.4.1.17
2021/08/16 Security Bulletin: Multiple vulnerabilities in AngularJS 7.3
IBM
10.0.3.0
DataPower Gateway
10.0.1.4
2018.1.1.17
2021/06/04 Security Bulletin: Multiple vulnerabilities may affect JRE in IBM DataPower Gateway 9.8
IBM
10.0.1.3
DataPower Gateway
2018.4.1.16
2021/06/04 Security Bulletin: IBM DataPower Gateway GUI permits use of GET 3.7
IBM
 10.0.1.1
DataPower Gateway 2018.4.1.15
2021/06/04 Security Bulletin: IBM DataPower Gateway vulnerable to a DoS attack 5.3
IBM
 10.0.1.2
DataPower Gateway
2021/04/19 Security Bulletin: Potential TLS vulnerability using Diffie-Hellman TLS ciphersuites in IBM DataPower Gateway (CVE-2020-1968) 3.7
IBM
 2018.4.1.16
DataPower Gateway
2021/03/11 Security Bulletin: IBM DataPower Gateway vulnerability in TLS (CVE-2020-4831) 5.9
IBM
10.0.1.1
DataPower Gateway
2021/03/07 Security Bulletin: IBM DataPower Gateway vulnerable to an RCE attack (CVE-2020-5014) 6.7
IBM
10.0.1.2
DataPower Gateway 2018.4.1.15
2021/01/08 Security Bulletin: IBM DataPower Gateway Java security update 5.3
IBM
10.0.1.1
DataPower Gateway 2018.4.1.14
2021/01/07 Security Bulletin: IBM DataPower Monitor is potentially vulnerable to an authentication bypass (CVE-2020-8172) 7.5
IBM
10.0.0.1
DataPower Gateway 2018.4.1.14

[{"Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SS9H2Y","label":"IBM DataPower Gateway"},"ARM Category":[{"code":"a8m50000000CdntAAC","label":"DataPower->Security (SE)"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)"}]

Document Information

Modified date:
14 September 2021

UID

ibm16398779

Page Feedback