CVE-2015-1970

The IBM WebSphere DataPower XC10 appliance 2.1 through 2.1.0.3 and 2.5 through 2.5.0.4 retains data on SSD cards, which might allow physically proximate attackers to obtain sensitive information by extracting a card and attaching it elsewhere.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
VendorProductVersion
ibmwebsphere_datapower_xc10_appliance_firmware
2.1.0.0
ibmwebsphere_datapower_xc10_appliance_firmware
2.1.0.1
ibmwebsphere_datapower_xc10_appliance_firmware
2.1.0.2
ibmwebsphere_datapower_xc10_appliance_firmware
2.1.0.3
ibmwebsphere_datapower_xc10_appliance_firmware
2.5.0.0
ibmwebsphere_datapower_xc10_appliance_firmware
2.5.0.1
ibmwebsphere_datapower_xc10_appliance_firmware
2.5.0.2
ibmwebsphere_datapower_xc10_appliance_firmware
2.5.0.3
ibmwebsphere_datapower_xc10_appliance_firmware
2.5.0.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg1IT09803
http://www-01.ibm.com/support/docview.wss?uid=swg21962861
http://www-01.ibm.com/support/docview.wss?uid=swg1IT09803
http://www-01.ibm.com/support/docview.wss?uid=swg21962861