VYPR
Unrated severityNVD Advisory· Published Aug 3, 2015· Updated Jun 17, 2026

CVE-2015-1970

CVE-2015-1970

Description

The IBM WebSphere DataPower XC10 appliance 2.1 through 2.1.0.3 and 2.5 through 2.5.0.4 retains data on SSD cards, which might allow physically proximate attackers to obtain sensitive information by extracting a card and attaching it elsewhere.

Affected products

10
  • cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.1.0.0:*:*:*:*:*:*:*+ 8 more
    • cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.5.0.0:*:*:*:*:*:*:*
    • cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.5.0.2:*:*:*:*:*:*:*
    • cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.5.0.3:*:*:*:*:*:*:*
    • cpe:2.3:o:ibm:websphere_datapower_xc10_appliance_firmware:2.5.0.4:*:*:*:*:*:*:*
  • Range: >=2.1 <=2.1.0.3, >=2.5 <=2.5.0.4

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.