CVE-2020-4581

Description

IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a chunked transfer-encoding HTTP/2 request. IBM X-Force ID: 184441.

CVSS breakdown

CVSS 3.0

Scope

Unchanged

User Interaction

None

Attack Complexity

Low

Confidentiality

None

Integrity

None

Privileges Required

None

Availability

High

Attack Vector

Network

Changed

Unchanged

Affected products

ibm / DataPower Gateway2018.4.1.0 – 2018.4.1.0
ibm / DataPower Gateway2018.4.1.12 – 2018.4.1.12

References

MISChttps://www.ibm.com/support/pages/node/6334707
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/184441