PT-2018-6558 · Ibm · Ibm Datapower Gateway

Publicado

2018-01-31

Atualizado

2018-02-15

CVE-2017-1773

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions: IBM DataPower Gateways versions 7.1, 7.2, 7.5, and 7.6

Description: The issue allows an attacker to use man-in-the-middle techniques to spoof DNS responses, potentially leading to DNS cache poisoning and redirection of Internet traffic.

Recommendations: For IBM DataPower Gateways versions 7.1, 7.2, 7.5, and 7.6, at the moment, there is no information about a newer version that contains a fix for this issue.

Correção

Insufficient Verification of Data Authenticity

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-345

Identificadores relacionados

CVE-2017-1773

Produtos afetados

Ibm Datapower Gateway

PT-2018-6558 · Ibm · Ibm Datapower Gateway

CVE-2017-1773

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4