IBM WebSphere DataPower XC10 Security Restriction Bypass Vulnerability
Release date:
Updated on:
Affected Systems:
IBM WebSphere DataPower XC10 2.5
IBM WebSphere DataPower XC10 2.1
Description:
CVE (CAN) ID: CVE-2014-6138
XC10 is a combination of the powerful WebSphere DataPower hardware platform and advanced IBM distributed cache technology.
IBM WebSphere DataPower XC10 devices 2.1 and 2.5 have security vulnerabilities. authenticated remote users can exploit this vulnerability to bypass access restrictions on target raster data.
<* Source: IBM (ncsupp@ca.ibm.com)
*>
Suggestion:
Vendor patch:
IBM
---
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www-01.ibm.com/support/docview.wss? Uid = swg21691035
Http://www-01.ibm.com/support/docview.wss? Uid = swg1IT04614
Http://xforce.iss.net/xforce/xfdb/96852
This article permanently updates the link address: