07 Nov 2015
CVE-2015-7412
Vulnerability Details : The GatewayScript modules on IBM DataPower Gateways with software 7.2.0.x before 7.2.0.1, when the GatewayScript decryption API or a JWE decrypt action is enabled, do not require signed ciphertext data, which makes it easier for remote attackers to obtain plaintext data via a padding-oracle attack. Publish Date : 2015-11-08 Last Update Date : 2015-11-09 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2015-7412
- Number Of Affected Versions By Product
- References For CVE-2015-7412
| ||||||||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2015-7412There are not any metasploit modules related to this vulnerability (Please visit www.metasploit.com for more information) |