{"containers": {"cna": {"affected": [{"product": "DataPower Gateways", "vendor": "IBM", "versions": [{"status": "affected", "version": "7.0.0"}, {"status": "affected", "version": "7.1"}, {"status": "affected", "version": "7.2"}, {"status": "affected", "version": "7.5"}, {"status": "affected", "version": "7.5.1"}, {"status": "affected", "version": "7.5.2"}, {"status": "affected", "version": "7.6"}]}], "datePublic": "2017-09-25T00:00:00", "descriptions": [{"lang": "en", "value": "IBM WebSphere DataPower Appliances 7.0.0 through 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 132368."}], "problemTypes": [{"descriptions": [{"description": "Cross-Site Scripting", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-10-02T19:57:01", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.ibm.com/support/docview.wss?uid=swg22008815"}, {"tags": ["x_refsource_MISC"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/132368"}, {"name": "101021", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/101021"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2017-09-25T00:00:00", "ID": "CVE-2017-1591", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "DataPower Gateways", "version": {"version_data": [{"version_value": "7.0.0"}, {"version_value": "7.1"}, {"version_value": "7.2"}, {"version_value": "7.5"}, {"version_value": "7.5.1"}, {"version_value": "7.5.2"}, {"version_value": "7.6"}]}}]}, "vendor_name": "IBM"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM WebSphere DataPower Appliances 7.0.0 through 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 132368."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Cross-Site Scripting"}]}]}, "references": {"reference_data": [{"name": "http://www.ibm.com/support/docview.wss?uid=swg22008815", "refsource": "CONFIRM", "url": "http://www.ibm.com/support/docview.wss?uid=swg22008815"}, {"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/132368", "refsource": "MISC", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/132368"}, {"name": "101021", "refsource": "BID", "url": "http://www.securityfocus.com/bid/101021"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T13:39:31.482Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.ibm.com/support/docview.wss?uid=swg22008815"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/132368"}, {"name": "101021", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/101021"}]}]}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2017-1591", "datePublished": "2017-09-27T17:00:00Z", "dateReserved": "2016-11-30T00:00:00", "dateUpdated": "2024-09-16T18:55:34.902Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "2A38D3F1-B9B7-4507-9E7D-8D6BB6B4BA5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCDD32DA-E5B7-4396-8DE4-EEE9E2A2578B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "102B1969-5BE1-4CC2-9588-691D715F4DA2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D8EBFF6E-53A2-4187-801A-8640D941C717", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A51FA23-9FF6-4236-9EBE-C063EA70211B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "16E0456B-A3DA-4E78-9566-11106CB57B86", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "79CAC5E6-15C2-4F22-A3D3-CA58A33903F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "B4A92C11-CB05-4D5F-A58D-1AC2A2AE49E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "2A9C4B24-3F61-4790-920E-67A287F4FD27", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "3470C5C5-0023-433F-8266-05EDAC5E1C59", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "036E1DC3-3CFF-4F20-B908-36871BC513EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "EAC5134B-9542-4EA3-A10B-C7A3C6DEFF22", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "8F5389D4-9396-428F-90B2-F1E91B600A83", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "49945A97-02BF-4F4B-80C3-CEE2ADEF8142", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "3F6F1087-E586-4D87-B323-CE8FBB370DF2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "BCDA13A7-83FE-4B20-A7D0-76183699B09C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "FE9AD587-4B32-439F-9C99-3A5E293C6CFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "351F8DC4-34ED-478A-8F63-530E91651861", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.18:*:*:*:*:*:*:*", "matchCriteriaId": "964ED59D-2118-47F8-BD01-66051DC7957D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.19:*:*:*:*:*:*:*", "matchCriteriaId": "7FED8A1C-7C8B-4636-BD55-A30F361BF3B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A46CC198-5282-4398-9AA3-96FA18D1B76F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D48173CD-C84A-4A3A-A91A-E3808BFD0CCD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "5EDB53F0-8AFD-4ACC-A8EC-D910E5B77996", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "022E5711-C03B-4456-8F31-C7685E010FD7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "1FEDAEBE-CB98-4B2B-A228-4B730401262F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "4BFA9D43-38AE-4331-8031-DE20A0DDB02A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "A159909C-C85A-4A6D-B2FE-AAC130BAFC40", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "48CAF192-4F42-4DCB-8F81-9B72554CD5A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "1D0C8E56-F6C9-4D91-B974-6A4DD6D2593F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "48B717E5-84C1-4CF5-BDDB-22EC2EE9DE2C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "44805D56-CD37-480D-947F-C7B075E72F22", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "F297CABF-10ED-405B-AEEB-FED174EF56A8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "AC7929BF-68EE-440D-92AE-77A4984CF3D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "DB853AEF-DF28-477A-B6F0-3EDE63BCA93A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "3D84AAA9-B3B9-42F9-9703-847DFE8D8178", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "11E7C415-D1CF-4A76-9FE2-DED1605D0AC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "A4AB722E-0E6D-4DCD-A57A-B74B4C2A96E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "BA7E3EE6-A73F-467C-A9D9-52A35597E7C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.18:*:*:*:*:*:*:*", "matchCriteriaId": "36BDBADF-65FA-4EC7-AF9E-AB6A03668154", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D32139A0-894E-4A7D-AED8-4584B1680693", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "F41AB81C-9F09-4DCC-BACA-25164CA8053D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "33502503-EA47-4498-ABA5-A37E1D0604D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "9BFCE704-2DEC-4339-927E-0519DBCC3B19", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "F2C5ACAC-960B-42BC-9D5E-CF6AEDB33CD4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "3072ABC1-22E9-462F-80EB-489504BC9CC9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "D53DB10C-C377-4ABD-9470-325AE52B8AC5", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "67C298EB-410E-4953-A972-33666EFA7D77", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "2FC5B96D-DE35-43AC-B720-D35E390DA78A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "EE47689B-4233-4038-A0D6-E88567F60BB5", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.2.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "EE074A6E-6FE8-4E6F-BA2B-C1AC95D6D248", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.2.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "9C39DC4C-2268-4D29-8B3B-F84761ECF4AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.2.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "DFA8FE6D-BB4A-4AF6-871C-F0681E59C6AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.2.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "6092928D-BF84-4A46-8ADA-21D36CD4E230", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.2.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "5A47EBCD-4160-4B17-80ED-3C89629BE8E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.2.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "4AFA5522-29C8-4496-B4E1-B894C1DA7AA7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "99CA8ACA-4060-49DE-BF60-7D196F175615", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "267E68E8-EB07-462E-94BB-4F96A63443E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "9BB2F80D-9908-4269-9115-DFF5339705C7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "0914A678-A86D-436B-822A-656811CC9EE4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "1C7E02EE-BC8E-4B40-82BD-986A93C816E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "6851A125-1929-4839-A423-21A7EBAC7841", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "E1E8E276-1BEE-4A88-B5DB-EE6C8947C91A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "1B328B8D-3B4E-4964-BC8F-506A498B1BEB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "48B7BCA8-CF1D-4EF1-B80A-819CB630C49A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "BBCBD768-EAD7-40A8-94D5-ECFDC796F1B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "A3BDECCB-7460-4212-AE2F-832E2B3F3AED", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "C2CA331B-79E6-4051-AA8B-AFDADFEFA718", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "44C2AA21-0527-4D6B-BAA4-8DDEA964E266", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "69FE278C-E00A-4739-9A93-5F8F86386455", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "22F1048C-F9E8-4EF2-AB0C-78E4D65A4925", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "F4084264-D16A-45AC-A972-AAEE02BD4190", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "BAB166ED-6AF5-4C16-9E19-DB7B1DDD3B24", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "A71877AE-CFB5-4B11-880B-C9B2F090B177", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "119214C4-CF20-4BFE-A0FB-82D15193CB58", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "32D46C36-6662-48C2-B5B0-4BEDD040F68B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "BBD560D9-B35F-41E6-9895-9F39E873B622", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "C2469E01-F471-496A-800B-C369D6A4EDC2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "70347058-3EE4-4B01-98FF-53A0BA2202C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "FCDB0FC9-8890-45CF-BAA5-09CC655AC647", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "7DDCA98C-9360-4FCB-8B51-1C86994A2C48", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "B132DA61-30D2-4D04-B8A5-6678A6DF7670", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "AFDE5F6F-AED2-42ED-A3C7-E3DE7A395548", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.5.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "C8F74EF3-0B80-40C8-84E6-EA01F74738B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "BC26F69C-797D-431A-A948-046423AFE283", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "IBM WebSphere DataPower Appliances 7.0.0 through 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 132368."}, {"lang": "es", "value": "IBM WebSphere DataPower Appliances versi\u00f3n 7.0.0 hasta 7.6, es vulnerable a ataques de tipo cross-site scripting. Esta vulnerabilidad permite a los usuarios insertar c\u00f3digo JavaScript arbitrario en la interfaz de usuario web, y por lo tanto, alterar la funcionalidad deseada que podr\u00eda conllevar a la divulgaci\u00f3n de credenciales dentro de una sesi\u00f3n confiable. ID de IBM X-Force: 132368."}], "id": "CVE-2017-1591", "lastModified": "2024-11-21T03:22:06.867", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-09-28T01:29:02.793", "references": [{"source": "psirt@us.ibm.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=swg22008815"}, {"source": "psirt@us.ibm.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/101021"}, {"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/132368"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.ibm.com/support/docview.wss?uid=swg22008815"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/101021"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/132368"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}