Vulnerabilities > IBM > Datapower Gateway > 7.5.0.8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-04 | CVE-2018-1421 | XXE vulnerability in IBM Datapower Gateway IBM WebSphere DataPower Appliances 7.1, 7.2, 7.5, 7.5.1, 7.5.2, and 7.6 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. | 7.1 |
| 2018-01-31 | CVE-2017-1773 | Insufficient Verification of Data Authenticity vulnerability in IBM Datapower Gateway IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 could allow an attacker using man-in-the-middle techniques to spoof DNS responses to perform DNS cache poisoning and redirect Internet traffic. | 4.0 |
| 2017-09-28 | CVE-2017-1591 | Cross-site Scripting vulnerability in IBM Datapower Gateway IBM WebSphere DataPower Appliances 7.0.0 through 7.6 is vulnerable to cross-site scripting. | 6.1 |