Description
IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a specially crafted HTTP/2 request with invalid characters. IBM X-Force ID: 184438.
CVSS breakdown
CVSS 3.0
User Interaction
None
Attack Complexity
Low
Confidentiality
None
Scope
Unchanged
Privileges Required
None
Integrity
None
Availability
High
Attack Vector
Network
RC
Changed
RL
O
E
Unchanged
Affected products
- ibm / DataPower Gateway2018.4.1.0 – 2018.4.1.0
- ibm / DataPower Gateway2018.4.1.12 – 2018.4.1.12