Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Unspecified vulnerability on the IBM WebSphere DataPower XC10 appliance 2.5 allows remote attackers to obtain administrative privileges by leveraging access to an eXtreme Scale distributed ObjectGrid network and capturing a session cookie.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM WebSphere DataPower XC10 Appliance 安全漏洞
Vulnerability Description
IBM WebSphere DataPower XC10是美国IBM公司的一套高速缓存平台。该平台可在对现有应用程序几乎不做任何更改的情况下对数据进行分布式高速缓存。 IBM WebSphere DataPower XC10 Appliance 2.5版本中存在安全漏洞,该漏洞源于程序创建会话cookie时没有设置安全属性。远程攻击者可通过访问eXtreme Scale distributed ObjectGrid网络利用该漏洞获取管理员权限。
CVSS Information
N/A
Vulnerability Type
N/A