Vulnerabilities > IBM > Datapower Gateway > 10.0.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-07 | CVE-2020-5008 | Insecure Storage of Sensitive Information vulnerability in IBM Datapower Gateway IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.14 stores sensitive information in GET request parameters. | 5.3 |
| 2021-03-12 | CVE-2020-4831 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Datapower Gateway 10.0.0.0/10.0.0.1/10.0.1.0 IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2021-03-08 | CVE-2020-5014 | Server-Side Request Forgery (SSRF) vulnerability in IBM Datapower Gateway IBM DataPower Gateway V10 and V2018 could allow a local attacker with administrative privileges to execute arbitrary code on the system using a server-side requesr forgery attack. | 6.7 |
| 2020-10-06 | CVE-2020-4528 | Unspecified vulnerability in IBM Datapower Gateway IBM MQ Appliance (IBM DataPower Gateway 10.0.0.0 and 2018.4.1.0 through 2018.4.1.12) could allow a local user, under special conditions, to obtain highly sensitive information from log files. | 5.5 |