Bypassing Administrative-Role Requirements in IBM WebSphere DataPower XC10 Appliance

Bypassing Administrative-Role Requirements in IBM WebSphere DataPower XC10 Appliance

CVE-2012-5759 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

The IBM WebSphere DataPower XC10 Appliance 2.0.0.0 through 2.0.0.3 and 2.1.0.0 through 2.1.0.2 allows remote authenticated users to bypass intended administrative-role requirements and perform arbitrary JMX operations via unspecified vectors.

Learn more about our Cis Benchmark Audit For Ibm I.