Unrated severityNVD Advisory· Published Apr 6, 2015· Updated Jun 17, 2026
CVE-2015-1893
CVE-2015-1893
Description
The IBM WebSphere DataPower XC10 appliance 2.1 before 2.1.0.3 allows remote attackers to hijack the sessions of arbitrary users, and consequently obtain sensitive information or modify data, via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.1.0.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.1.0.2:*:*:*:*:*:*:*
- Range: <2.1.0.3
Patches
Vulnerability mechanics
References
4- www-01.ibm.com/support/docview.wssnvdPatchVendor Advisory
- www-01.ibm.com/support/docview.wssnvdVendor Advisory
- www.securityfocus.com/bid/73916nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1032025nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.