CVE-2014-3060

Published: Oct 2, 2014Modified: May 6, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Unspecified vulnerability on the IBM WebSphere DataPower XC10 appliance 2.5 allows remote attackers to obtain administrative privileges by leveraging access to an eXtreme Scale distributed ObjectGrid network and capturing a session cookie.

Affected (2)

Products: Ibm: Websphere Datapower Xc10 Appliance Firmware, Websphere Datapower Xc10 Appliance

Ibm

2 products

Websphere Datapower Xc10 Appliance Firmware

Websphere Datapower Xc10 Appliance

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Ibm Websphere Datapower Xc10 Appliance Firmware	Version 2.5.0.0
Ibm Websphere Datapower Xc10 Appliance	All versions

References (6)

http://www-01.ibm.com/support/docview.wss?uid=swg1IT03476

Source: psirt@us.ibm.com

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21685705

Source: psirt@us.ibm.com

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/93534

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=swg1IT03476

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21685705

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/93534

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.