Platform
ibm
Component
datapower-gateway
Fixed in
10.6.6
10.5.1
10.6.1
CVE-2025-36375 describes a cross-site request forgery (CSRF) vulnerability in IBM DataPower Gateway. The flaw allows an attacker to cause malicious, unauthorized actions to be executed on behalf of a trusted, authenticated user. Affected versions are 10.5.0.0 through 10.6.5.0 and 10.6.0.0 through 10.6.0.8. IBM advises upgrading to a patched version.
A successful CSRF attack lets an attacker perform actions as a legitimate DataPower Gateway user, which could lead to unauthorized configuration changes, data manipulation, or full system compromise. The attacker must first trick a logged-in user into clicking a malicious link or visiting a crafted web page. The impact grows when the gateway manages sensitive data or controls critical infrastructure, since the hijacked session can then be used to gain broader access and control. As with other CSRF flaws, the user's actions are hijacked without their knowledge.
CVE-2025-36375 was published on 2026-04-01. The EPSS score is pending evaluation. No public proof-of-concept (POC) exploits are currently known. Monitor IBM security advisories and security news sources for any updates on exploitation activity. This vulnerability is not currently listed in the CISA KEV catalog.
Organizations that rely heavily on IBM DataPower Gateway for network security and data management are at increased risk, in particular those using the gateway to handle sensitive data, control critical infrastructure, or integrate with other business-critical systems. Shared hosting environments in which multiple users share one DataPower Gateway instance are also particularly exposed.
• linux / server:
journalctl -u datapower -g "CSRF attack"
• generic web:
curl -sI https://datapower_gateway/ | grep -i 'set-cookie'
(A HEAD response never carries a Referer header, which is a request header; the command above instead lists the session cookies so their SameSite and Secure attributes can be checked.)
Disclosure
Exploit status
EPSS
0.02% (4th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-36375 is to upgrade to a fixed version of IBM DataPower Gateway. IBM has not yet released a specific fixed version, so monitor IBM security advisories for updates. As an interim measure, deploy a Web Application Firewall (WAF) with CSRF protection rules (for example, rejecting state-changing requests whose Origin or Referer header does not match the gateway, and requiring a per-session anti-CSRF token) to filter out forged requests. Consider adding stricter input validation and output encoding to prevent the injection of malicious scripts. Regularly review and audit DataPower Gateway configurations to identify and address potential weaknesses.
Update IBM DataPower Gateway to a version that is not vulnerable to CSRF. Further details and specific update instructions can be found in the IBM advisory.
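The interim mitigation above describes two standard CSRF checks that a WAF or reverse proxy in front of the gateway can enforce: an Origin/Referer allow-list and a per-session synchronizer token. The following is an added illustration written for this page, not code from IBM or from DataPower Gateway; the hostname `datapower_gateway` is taken from the curl example above, and the request shape (method, header dict, form dict) and the helper names are assumptions.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlsplit

# Assumed deployment: the only origin allowed to issue state-changing requests
# is the gateway's own admin UI (hostname reused from the page's curl example).
ALLOWED_ORIGINS = {"https://datapower_gateway"}

# Methods defined as safe by HTTP; they must not change state, so no token is required.
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}


def issue_csrf_token(session_secret: bytes, session_id: str) -> str:
    """Derive a per-session anti-CSRF token as HMAC-SHA256(secret, session id).

    Binding the token to the session means no server-side token store is needed
    and a token stolen from one session is useless in another.
    """
    return hmac.new(session_secret, session_id.encode(), hashlib.sha256).hexdigest()


def _origin_allowed(headers: dict) -> bool:
    """Check the Origin header, falling back to the Referer's scheme+host.

    A state-changing request that carries neither header is rejected: browsers
    send Origin on cross-site POSTs, so a missing header is not a reason to trust.
    """
    origin = headers.get("Origin")
    if origin is None:
        referer = headers.get("Referer")
        if referer is None:
            return False
        parts = urlsplit(referer)
        origin = f"{parts.scheme}://{parts.netloc}"
    return origin in ALLOWED_ORIGINS


def is_request_allowed(method: str, headers: dict, form: dict,
                       session_secret: bytes, session_id: str) -> bool:
    """Return True only if the request passes both CSRF checks.

    1. Safe methods pass unconditionally.
    2. The Origin (or Referer) must be on the allow-list.
    3. The submitted csrf_token must equal the session's expected token,
       compared in constant time.
    """
    if method.upper() in SAFE_METHODS:
        return True
    if not _origin_allowed(headers):
        return False
    expected = issue_csrf_token(session_secret, session_id)
    supplied = form.get("csrf_token", "")
    return hmac.compare_digest(expected, supplied)


if __name__ == "__main__":
    # Constructed demo: one legitimate request and one forged cross-site request.
    secret = secrets.token_bytes(32)
    token = issue_csrf_token(secret, "session-42")
    legit = is_request_allowed("POST", {"Origin": "https://datapower_gateway"},
                               {"csrf_token": token}, secret, "session-42")
    forged = is_request_allowed("POST", {"Origin": "https://evil.example"},
                                {}, secret, "session-42")
    print("legitimate request allowed:", legit)   # True
    print("forged request allowed:", forged)      # False
```

The Origin check alone already defeats the classic "trick a logged-in user into visiting a crafted page" scenario described above, because a browser sets Origin to the attacker's site on the forged POST; the token is the second, independent layer for clients or proxies that strip those headers.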
CVE-2025-36375 is a cross-site request forgery (CSRF) vulnerability affecting IBM DataPower Gateway versions 10.5.0.0–10.6.5.0 that allows attackers to perform unauthorized actions on behalf of an authenticated user.
If you are running IBM DataPower Gateway versions 10.5.0.0 through 10.6.5.0 or 10.6.0.0 through 10.6.0.8, you are potentially affected by this vulnerability.
Upgrade to a fixed version of IBM DataPower Gateway as soon as it becomes available. Until then, apply WAF rules with CSRF protection and stricter input validation.
There are currently no confirmed reports of active exploitation, but mitigations should be applied proactively.
Refer to the official IBM Security Bulletin for CVE-2025-36375 on the IBM Security Support website.