IBM Support

2023年に公開された DataPower に関する脆弱性情報

Question & Answer


Question

2023年に公開されたDataPower に関連する脆弱性情報はありますか?

Answer

2023年に公開された DataPower 関連の脆弱性情報は以下のとおりです。(2023/12/14更新)
修正が含まれるFix Pack/Firmwareの導入をお勧めいたします。
公開日 タイトル
CVSS
基本値
 修正が含まれるfixレベル
2023/12/13 Security Bulletin: IBM DataPower Gateway potentially vulnerable to a denial of service (CVE-2023-4807) 7.8
IBM
10.5.3
DataPower
10.5.0.8 
Gateway 10.0.1.16
2023/10/13 Security Bulletin: IBM DataPower Gateway vulnerable to multiple issues in Node.js 5.9
IBM
10.5.2
DataPower
10.5.0.7 
Gateway 10.0.1.15
2023/10/12 Security Bulletin: DataPower Operator vulnerable to DOS (CVE-2023-29409) 5.7
IBM DataPower Operator
1.7.0
1.6.0-1.6.8
IBM DataPower Operator
1.8.0
1.6.9
2023/05/02 Security Bulletin: Potential security bypass in IBM DataPower Gateway (CVE_2023-23920) 2.7
IBM
10.5.0.5
DataPower
10.0.1.13 
Gateway
2023/05/02 Security Bulletin: IBM DataPower Gateway affected by multiple CVEs in OpenSSL 8.2
IBM
10.5.0.4
DataPower
10.0.4.0sr3
10.0.1.12 
Gateway
2018.4.1.26
2023/05/01 Security Bulletin: Potential denial of service in IBM DataPower Gateway (CVE-2022-25881) 5.3
IBM
10.5.0.5
DataPower
Gateway
2023/04/12 Security Bulletin: DataPower Operations Dashboard vulnerable to multiple CVEs 7.5
DataPower Operations Dashboard 1.0.0.0 - 1.0.18.0
1.0.19.0
2023/03/07 Security Bulletin: IBM DataPower Gateway potentially vulnerable to Denial of Service (CVE-2022-4450) 7.5
IBM
10.5.0.4
DataPower
10.0.1.12
Gateway
2023/02/28 Security Bulletin: DataPower Operator vulnerable to Denial of Service (CVE-2022-41724) 6.5
IBM DataPower Operator 1.6.0-1.6.5
IBM DataPower Operator 1.6.6
2023/01/04 Security Bulletin: IBM DataPower Gateway affected by vulnerability in Java (CVE-2022-21626) 5.3
IBM
10.5.0.3
DataPower
10.0.1.11
Gateway
2018.4.1.24

[{"Type":"MASTER","Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS9H2Y","label":"IBM DataPower Gateway"},"ARM Category":[{"code":"a8m50000000CdntAAC","label":"DataPower-\u003ESecurity (SE)"},{"code":"a8m50000000CdocAAC","label":"DataPower-\u003ESecurity (SE)-\u003EVulnerability"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]

Document Information

Modified date:
14 December 2023

UID

ibm16852703

Page Feedback