Show plain JSON{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:datapower_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "E524A627-7C12-4690-8C0B-C8EC9E48E450", "versionEndIncluding": "6.0.0.16", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:6.0.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "6EFE4D39-69BE-485E-A850-24EDF8E18BD8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:6.0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "A5F3858D-8420-4131-B7D6-976CD3BBBAA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:6.0.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "FD00EC37-ED6D-4349-9A5F-BB21FCE24EDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:6.0.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "58B546FD-78B5-4438-AADD-1572DE68B273", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:6.0.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "69590843-270E-4224-B63C-B589D629866D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:6.0.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "F83700E2-D030-4B21-98F0-0401CE4B569E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:6.0.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "AD706737-C241-41AD-B3F0-2A8E79633011", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:6.0.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "14F20A3A-7F6A-44FD-B24D-8C7948D1365B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:6.0.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "18023261-EB9D-43B1-8F91-0F68F4477E6D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:6.0.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "66D37310-6F69-4D24-9DF1-16327FA793B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:6.0.1.10:*:*:*:*:*:*:*", "matchCriteriaId": "769FA930-C092-4769-89B7-F25E5CCDB42D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:6.0.1.11:*:*:*:*:*:*:*", "matchCriteriaId": "979409C4-7E43-441F-9805-F8BA3EA003C8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:6.0.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "488DC041-DF31-4D60-886A-7A4DDABAFA8B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:6.0.1.13:*:*:*:*:*:*:*", "matchCriteriaId": "78335FFF-BD0A-4EC4-A6C8-21B6C7D35E34", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:6.0.1.14:*:*:*:*:*:*:*", "matchCriteriaId": "6C03D6FB-28DA-4805-AAAF-D41FC0E0CB4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:6.0.1.15:*:*:*:*:*:*:*", "matchCriteriaId": "E1D2FE37-9E2A-476E-997E-631F68288648", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:6.0.1.16:*:*:*:*:*:*:*", "matchCriteriaId": "B2C93C05-A6A1-4756-A155-62D952360FE7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "2A38D3F1-B9B7-4507-9E7D-8D6BB6B4BA5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "FCDD32DA-E5B7-4396-8DE4-EEE9E2A2578B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "102B1969-5BE1-4CC2-9588-691D715F4DA2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "D8EBFF6E-53A2-4187-801A-8640D941C717", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "2A51FA23-9FF6-4236-9EBE-C063EA70211B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "16E0456B-A3DA-4E78-9566-11106CB57B86", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "79CAC5E6-15C2-4F22-A3D3-CA58A33903F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "B4A92C11-CB05-4D5F-A58D-1AC2A2AE49E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "2A9C4B24-3F61-4790-920E-67A287F4FD27", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.0.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "3470C5C5-0023-433F-8266-05EDAC5E1C59", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "A46CC198-5282-4398-9AA3-96FA18D1B76F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "D48173CD-C84A-4A3A-A91A-E3808BFD0CCD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "5EDB53F0-8AFD-4ACC-A8EC-D910E5B77996", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "022E5711-C03B-4456-8F31-C7685E010FD7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "1FEDAEBE-CB98-4B2B-A228-4B730401262F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "4BFA9D43-38AE-4331-8031-DE20A0DDB02A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "A159909C-C85A-4A6D-B2FE-AAC130BAFC40", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:datapower_gateway:7.2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "D32139A0-894E-4A7D-AED8-4584B1680693", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "IBM DataPower Gateway appliances with firmware 6.x before 6.0.0.17, 6.0.1.x before 6.0.1.17, 7.x before 7.0.0.10, 7.1.0.x before 7.1.0.7, and 7.2.x before 7.2.0.1 do not set the secure flag for unspecified cookies in an https session, which makes it easier for remote attackers to capture these cookies by intercepting their transmission within an http session."}, {"lang": "es", "value": "Dispositivos IBM DataPower Gateway con firmware 6.x en versiones anteriores a 6.0.0.17, 6.0.1.x en versiones anteriores a 6.0.1.17, 7.x en versiones anteriores a 7.0.0.10, 7.1.0.x en versiones anteriores a 7.1.0.7 y 7.2.x en versiones anteriores a 7.2.0.1 no establece el indicador de seguridad para cookies no especificadas en una sesi\u00f3n https, lo cual hace m\u00e1s f\u00e1cil para atacantes remotos capturar estas cookies interceptando su transmisi\u00f3n dentro de una sesi\u00f3n http."}], "id": "CVE-2015-7427", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-11-14T03:59:07.850", "references": [{"source": "psirt@us.ibm.com", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT10279"}, {"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21969342"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT10279"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21969342"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}