{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T02:56:20.103","vulnerabilities":[{"cve":{"id":"CVE-2019-4621","sourceIdentifier":"psirt@us.ibm.com","published":"2019-12-09T23:15:11.577","lastModified":"2024-11-21T04:43:53.167","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IBM DataPower Gateway 7.6.0.0-7 throug 6.0.14 and 2018.4.1.0 through 2018.4.1.5 have a default administrator account that is enabled if the IPMI LAN channel is enabled. A remote attacker could use this account to gain unauthorised access to the BMC. IBM X-Force ID: 168883."},{"lang":"es","value":"IBM DataPower Gateway versiones 7.6.0.0-7 hasta 6.0.14 y versiones 2018.4.1.0 hasta 2018.4.1.5, presentan una cuenta de administrador predeterminada que está habilitada si el canal LAN de IPMI está habilitado. Un atacante remoto podría utilizar esta cuenta para conseguir acceso no autorizado al BMC. ID de IBM X-Force: 168883."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV30":[{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-1188"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:datapower_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"7.6.0.0","versionEndIncluding":"7.6.0.14","matchCriteriaId":"29F30E01-CD31-49B4-9C6E-99CB1C39BB92"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:datapower_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"2018.4.1.0","versionEndIncluding":"2018.4.1.5","matchCriteriaId":"4083DB86-31FD-4558-BA59-C408949AF8EB"}]}]}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/168883","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/1125615","source":"psirt@us.ibm.com","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/168883","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/1125615","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}