Multiple vulnerabilities in IBM DataPower Gateway
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2018-1661 CVE-2018-1677 CVE-2018-1665 CVE-2018-1667 CVE-2018-1663 CVE-2018-1652 |
| CWE-ID | CWE-352 CWE-20 CWE-200 CWE-79 CWE-300 CWE-264 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
IBM DataPower Gateway Client/Desktop applications / Software for system administration |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Cross-site request forgery
EUVDB-ID: #VU16636
Risk: Low
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-1661
CWE-ID:
CWE-352 - Cross-Site Request Forgery (CSRF)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform cross-site request forgery attacks.
The vulnerability exists due to insufficient validation of the HTTP request origin. A remote attacker can trick the victim to visit a specially specially crafted web page and execute malicious and unauthorized actions transmitted from a user that the website trusts.
Mitigation| IBM DataPower Gateway | 7.6.0.10 | IT26364 | Install the fix pack. |
| IBM DataPower Gateway | 7.5.2.17 | IT26364 | Install the fix pack. |
| IBM DataPower Gateway | 7.5.1.17 | IT26364 | Install the fix pack. |
| IBM DataPower Gateway | 7.5.0.18 | IT26364 | Install the fix pack. |
IBM DataPower Gateway: 7.5 - 7.6
External linkshttp://exchange.xforce.ibmcloud.com/vulnerabilities/144887
http://www.ibm.com/support/docview.wss?uid=ibm10744189
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Input validation error
EUVDB-ID: #VU16638
Risk: Low
CVSSv3.1: 3.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-1677
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper handling of full file system. A local attacker can cause a denial of service.
MitigationInstall updates from vendor's website:
| IBM DataPower Gateway | 7.1.0.23 | IT25469 | Install the fix pack. |
| IBM DataPower Gateway | 7.2.0.21 | IT25469 | Install the fix pack. |
| IBM DataPower Gateway | 7.5.0.16 | IT25469 | Install the fix pack. |
| IBM DataPower Gateway | 7.5.1.15 | IT25469 | Install the fix pack. |
| IBM DataPower Gateway | 7.5.2.15 | IT25469 | Install the fix pack. |
| IBM DataPower Gateway | 7.6.0.8 | IT25469 | Install the fix pack. |
| IBM DataPower Gateway | 7.7.1.1 | IT25469 | Install the fix pack. |
IBM DataPower Gateway: 7.1 - 7.7
External linkshttp://exchange.xforce.ibmcloud.com/vulnerabilities/145171
http://www.ibm.com/support/docview.wss?uid=ibm10744555
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Information disclosure
EUVDB-ID: #VU16639
Risk: Low
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-1665
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to obtain potentially sensitive information.
The vulnerability exists due to weak cryptographic algorithms. A remote attacker can decrypt highly sensitive information.
MitigationInstall update from vendor's website:
| IBM DataPower Gateway | 2018.4.1.0 | IT26802 | Install the fix pack. |
| IBM DataPower Gateway | 7.6.0.11 | IT26802 | Install the fix pack. |
| IBM DataPower Gateway | 7.5.2.18 | IT26802 | Install the fix pack. |
| IBM DataPower Gateway | 7.5.1.18 | IT26802 | Install the fix pack. |
| IBM DataPower Gateway | 7.5.0.19 | IT26802 | Install the fix pack. |
IBM DataPower Gateway: 7.5.0.0 - 7.7.1.3
External linkshttp://www-01.ibm.com/support/docview.wss?uid=ibm10744195
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Cross-site scripting
EUVDB-ID: #VU16640
Risk: Low
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-1667
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote authenticated attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can edit new comments from higher-privileged users, trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website:
| IBM DataPower Gateway | 2018.4.1.0 | IT26335 | Install the fix pack. |
| IBM DataPower Gateway | 7.6.0.11 | IT26335 | Install the fix pack. |
| IBM DataPower Gateway | 7.5.2.18 | IT26335 | Install the fix pack. |
| IBM DataPower Gateway | 7.5.1.18 | IT26335 | Install the fix pack. |
| IBM DataPower Gateway | 7.5.0.19 | IT26335 | Install the fix pack. |
IBM DataPower Gateway: 7.5.0.0 - 7.7.1.3
External linkshttp://www-01.ibm.com/support/docview.wss?uid=ibm10744209
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Man-in-the-middle attack
EUVDB-ID: #VU16641
Risk: Low
CVSSv3.1: 5.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-1663
CWE-ID:
CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to conduct MITM attack.
The vulnerability exists due to the failure to properly enable HTTP Strict Transport Security. A remote attacker can use man-in-the-middle techniques and gain access to potentially sensitive information.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM DataPower Gateway: 7.5 - 7.6
External linkshttp://www-01.ibm.com/support/docview.wss?uid=ibm10740033
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Denial of service
EUVDB-ID: #VU16642
Risk: Low
CVSSv3.1: 5.4 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2018-1652
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local unprivileged attacker to cause DoS condition.
The vulnerability exists due to unspecified flaw. A local attacker can cause the service to crash.
MitigationInstall update from vendor's website:
| IBM DataPower Gateway | 7.1.0.20 | IT21445 | Install the fix pack. |
| IBM DataPower Gateway | 7.2.0.17 | IT21445 | Install the fix pack. |
| IBM DataPower Gateway | 7.5.0.11 | IT21445 | Install the fix pack. |
| IBM DataPower Gateway | 7.5.1.10 | IT21445 | Install the fix pack. |
| IBM DataPower Gateway | 7.5.2.10 | IT21445 | Install the fix pack. |
| IBM DataPower Gateway | 7.6.0.3 | IT21445 | Install the fix pack. |
IBM DataPower Gateway: 7.1.0.0 - 7.6.0.2
External linkshttp://www-01.ibm.com/support/docview.wss?uid=ibm10744557
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
