Vulnerabilities > CVE-2014-3060 - Local Information Disclosure vulnerability in IBM products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Unspecified vulnerability on the IBM WebSphere DataPower XC10 appliance 2.5 allows remote attackers to obtain administrative privileges by leveraging access to an eXtreme Scale distributed ObjectGrid network and capturing a session cookie.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 | |
Hardware | 1 |