Strix
26.1K

CVE-2010-1612

UnknownEPSS 1.75%

Last modified

CVE-2010-1612 is a vulnerability of currently unknown severity. The IBM WebSphere DataPower XML Accelerator XA35, Low Latency Appliance XM70, Integration Appliance XI50, B2B Appliance XB60, and XML Security Gateway XS40 SOA Appliances before 3.8.0.0, when a QLOGIC Ethernet interface is used, allow remote attackers to cause a denial of service (interface outage) via malformed ICMP packets to the 0.0.0.0 destination IP address.. EPSS estimates a 1.75% chance of exploitation in the next 30 days.

Description

The IBM WebSphere DataPower XML Accelerator XA35, Low Latency Appliance XM70, Integration Appliance XI50, B2B Appliance XB60, and XML Security Gateway XS40 SOA Appliances before 3.8.0.0, when a QLOGIC Ethernet interface is used, allow remote attackers to cause a denial of service (interface outage) via malformed ICMP packets to the 0.0.0.0 destination IP address.

Metrics

EPSS Probability
1.75%

75.0th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
IbmWebsphere Datapower Xml Accelerator Xa35<= 3.7.3.10
IbmWebsphere Datapower Xml Accelerator Xa353.7.2
IbmWebsphere Datapower Xml Accelerator Xa353.7.3
IbmWebsphere Datapower Xml Accelerator Xa353.7.3.1
IbmWebsphere Datapower Xml Accelerator Xa353.7.3.2
IbmWebsphere Datapower Xml Accelerator Xa353.7.3.3
IbmWebsphere Datapower Xml Accelerator Xa353.7.3.4
IbmWebsphere Datapower Xml Accelerator Xa353.7.3.5
IbmWebsphere Datapower Xml Accelerator Xa353.7.3.6
IbmWebsphere Datapower Xml Accelerator Xa353.7.3.7
IbmWebsphere Datapower Xml Accelerator Xa353.7.3.8
IbmWebsphere Datapower Xml Accelerator Xa353.7.3.9
IbmWebsphere Datapower Xml Accelerator Xa353.8.0.0
IbmWebsphere Datapower Xml Accelerator Xa353.8.0.1
IbmWebsphere Datapower Xml Accelerator Xa353.8.0.2
IbmWebsphere Datapower Xml Accelerator Xa353.8.0.3
IbmWebsphere Datapower Xml Accelerator Xa353.8.0.4
IbmWebsphere Datapower Xml Security Gateway Xs40<= 3.7.3.10
IbmWebsphere Datapower Xml Security Gateway Xs403.7.2
IbmWebsphere Datapower Xml Security Gateway Xs403.7.3
IbmWebsphere Datapower Xml Security Gateway Xs403.7.3.1
IbmWebsphere Datapower Xml Security Gateway Xs403.7.3.2
IbmWebsphere Datapower Xml Security Gateway Xs403.7.3.3
IbmWebsphere Datapower Xml Security Gateway Xs403.7.3.4
IbmWebsphere Datapower Xml Security Gateway Xs403.7.3.5
IbmWebsphere Datapower Xml Security Gateway Xs403.7.3.6
IbmWebsphere Datapower Xml Security Gateway Xs403.7.3.7
IbmWebsphere Datapower Xml Security Gateway Xs403.7.3.8
IbmWebsphere Datapower Xml Security Gateway Xs403.7.3.9
IbmWebsphere Datapower Xml Security Gateway Xs403.8.0.0
IbmWebsphere Datapower Xml Security Gateway Xs403.8.0.1
IbmWebsphere Datapower Xml Security Gateway Xs403.8.0.2
IbmWebsphere Datapower Xml Security Gateway Xs403.8.0.3
IbmWebsphere Datapower Xml Security Gateway Xs403.8.0.4
IbmWebsphere Datapower Datapower Integration Appliance Xi50<= 3.7.3.10
IbmWebsphere Datapower Datapower Integration Appliance Xi503.7.2
IbmWebsphere Datapower Datapower Integration Appliance Xi503.7.3
IbmWebsphere Datapower Datapower Integration Appliance Xi503.7.3.1
IbmWebsphere Datapower Datapower Integration Appliance Xi503.7.3.2
IbmWebsphere Datapower Datapower Integration Appliance Xi503.7.3.3
IbmWebsphere Datapower Datapower Integration Appliance Xi503.7.3.4
IbmWebsphere Datapower Datapower Integration Appliance Xi503.7.3.5
IbmWebsphere Datapower Datapower Integration Appliance Xi503.7.3.6
IbmWebsphere Datapower Datapower Integration Appliance Xi503.7.3.7
IbmWebsphere Datapower Datapower Integration Appliance Xi503.7.3.8
IbmWebsphere Datapower Datapower Integration Appliance Xi503.7.3.9
IbmWebsphere Datapower Datapower Integration Appliance Xi503.8.0.0
IbmWebsphere Datapower Datapower Integration Appliance Xi503.8.0.1
IbmWebsphere Datapower Datapower Integration Appliance Xi503.8.0.2
IbmWebsphere Datapower Datapower Integration Appliance Xi503.8.0.4

Showing 50 of 81 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2010-1612?
The IBM WebSphere DataPower XML Accelerator XA35, Low Latency Appliance XM70, Integration Appliance XI50, B2B Appliance XB60, and XML Security Gateway XS40 SOA Appliances before 3.8.0.0, when a QLOGIC Ethernet interface is used, allow remote attackers to cause a denial of service (interface outage) via malformed ICMP packets to the 0.0.0.0 destination IP address.
How severe is CVE-2010-1612?
Severity scoring for CVE-2010-1612 is pending analysis. The EPSS model estimates a 1.75% probability of exploitation in the next 30 days.
How do I fix CVE-2010-1612?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2010-1612?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST