CVE-2014-3058 PUBLISHED CVSS 6 MEDIUM

Cross-site request forgery (CSRF) vulnerability on the IBM WebSphere DataPower XC10 appliance 2.1 and 2.5 before FP4 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.

EPSS 0.10% · 27.9th percentile

Risk Scores

CVSS v2.0: 6
EPSS Score: 0.10% (27.9th percentile)

Affected Products

Vendor | Product | Versions
n/a | n/a | n/a
ibm | websphere_datapower_xc10_appliance_firmware | 2.1.0.0, 2.5.0.0
