Unrated severityNVD Advisory· Published Aug 3, 2015· Updated May 6, 2026

CVE-2015-1970

Description

The IBM WebSphere DataPower XC10 appliance 2.1 through 2.1.0.3 and 2.5 through 2.5.0.4 retains data on SSD cards, which might allow physically proximate attackers to obtain sensitive information by extracting a card and attaching it elsewhere.

Affected products

IBM/Websphere Datapower Xc10 Appliance Firmware9 versions
cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.1.0.0:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.1.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.5.0.0:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.5.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.5.0.3:*:*:*:*:*:*:*
- cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.5.0.4:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www-01.ibm.com/support/docview.wssnvdPatchVendor Advisory
www-01.ibm.com/support/docview.wssnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000