{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T21:51:24.511","vulnerabilities":[{"cve":{"id":"CVE-2021-38910","sourceIdentifier":"psirt@us.ibm.com","published":"2022-03-10T20:15:08.200","lastModified":"2024-11-21T06:18:11.710","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IBM DataPower Gateway V10CD, 10.0.1, and 2108.4.1 could allow a remote attacker to bypass security restrictions, caused by the improper validation of input. By sending a specially crafted JSON message, an attacker could exploit this vulnerability to modify structure and fields. IBM X-Force ID: 209824."},{"lang":"es","value":"IBM DataPower Gateway versiones V10CD, 10.0.1 y 2108.4.1, podría permitir a un atacante remoto omitir las restricciones de seguridad, causado por una comprobación incorrecta de la entrada. Al enviar un mensaje JSON especialmente diseñado, un atacante podría explotar esta vulnerabilidad para modificar la estructura y los campos. IBM X-Force ID: 209824"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"cvssMetricV30":[{"source":"psirt@us.ibm.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N","baseScore":3.7,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.2,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:datapower_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"10.0.1.0","versionEndIncluding":"10.0.1.5","matchCriteriaId":"7C242C00-2B08-4D30-8353-BC6EFF4C08BC"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:datapower_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"2018.4.1.0","versionEndIncluding":"2018.4.1.18","matchCriteriaId":"99FA702F-1D35-4553-BBE3-A94BE958641F"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:datapower_gateway:10.0.2.0:*:*:*:*:*:*:*","matchCriteriaId":"12B6C926-133E-42AF-8FB9-4B23C3EBAF27"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:datapower_gateway:10.0.3.0:*:*:*:*:*:*:*","matchCriteriaId":"7B44C41B-CBDA-4000-9602-07D279BDEB03"}]}]}],"references":[{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/209824","source":"psirt@us.ibm.com","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/6562347","source":"psirt@us.ibm.com","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/209824","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["VDB Entry","Vendor Advisory"]},{"url":"https://www.ibm.com/support/pages/node/6562347","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}