CVE-2015-1893 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2015-1893

CWE

https://cwe.mitre.org/data/definitions/264.html

The IBM WebSphere DataPower XC10 appliance 2.1 before 2.1.0.3 allows remote attackers to hijack the sessions of arbitrary users, and consequently obtain sensitive information or modify data, via unspecified vectors.

Affected Software

Name	Vendor	Start Version	End Version
Websphere_datapower_xc10_appliance_firmware	Ibm	2.1.0.0 (including)	2.1.0.0 (including)
Websphere_datapower_xc10_appliance_firmware	Ibm	2.1.0.1 (including)	2.1.0.1 (including)
Websphere_datapower_xc10_appliance_firmware	Ibm	2.1.0.2 (including)	2.1.0.2 (including)

References

http://www-01.ibm.com/support/docview.wss?uid=swg1IT07841
http://www-01.ibm.com/support/docview.wss?uid=swg21701337
http://www.securityfocus.com/bid/73916
http://www.securitytracker.com/id/1032025
http://www-01.ibm.com/support/docview.wss?uid=swg1IT07841
http://www-01.ibm.com/support/docview.wss?uid=swg21701337
http://www.securityfocus.com/bid/73916
http://www.securitytracker.com/id/1032025