Vulnerability Description
The IBM WebSphere DataPower XC10 appliance 2.1 before 2.1.0.3 allows remote attackers to hijack the sessions of arbitrary users, and consequently obtain sensitive information or modify data, via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Websphere Datapower Xc10 Appliance Firmware | 2.1.0.0 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT07841Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21701337PatchVendor Advisory
- http://www.securityfocus.com/bid/73916Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032025Third Party AdvisoryVDB Entry
- http://www-01.ibm.com/support/docview.wss?uid=swg1IT07841Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21701337PatchVendor Advisory
- http://www.securityfocus.com/bid/73916Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1032025Third Party AdvisoryVDB Entry
FAQ
What is CVE-2015-1893?
CVE-2015-1893 is a vulnerability with a CVSS score of 6.8 (MEDIUM). The IBM WebSphere DataPower XC10 appliance 2.1 before 2.1.0.3 allows remote attackers to hijack the sessions of arbitrary users, and consequently obtain sensitive information or modify data, via unspe...
How severe is CVE-2015-1893?
CVE-2015-1893 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-1893?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Websphere Datapower Xc10 Appliance Firmware.