ibm datapower gateway Vulnerabilities: CVEs, CISA KEV & Security Advisories

Severity and exploitation

How the CVSS severity of ibm datapower gateway's CVEs breaks down, plus how many are exploited in the wild or have public exploit code.

Critical0

High8

Medium25

Low3

4 additional CVEs have no CVSS severity score.

In CISA’s Known Exploited Vulnerabilities catalog

None of ibm datapower gateway's CVEs are currently listed in CISA's KEV catalog.

Public exploits

No ibm datapower gateway CVEs currently have a tracked public exploit.

Affected versions and CVEs

Browse every ibm datapower gateway version named in a CVE, then pick one to see only the CVEs that affect it.

Specific versions

2018.4.1.022 CVEs
10.0.1.012 CVEs
10.0.2.09 CVEs
10.0.4.06 CVEs
7.6.0.05 CVEs
10.0.0.04 CVEs
10.5.0.04 CVEs
2018.4.1.124 CVEs
2018.4.1.214 CVEs
10.0.3.03 CVEs
10.1.0.83 CVEs
7.5.0.03 CVEs
7.5.1.03 CVEs
7.5.2.03 CVEs
10.0.1.42 CVEs
10.0.1.52 CVEs
2018.4.1.142 CVEs
2018.4.1.172 CVEs
2018.4.1.182 CVEs
2018.4.1.82 CVEs
7.5.0.192 CVEs
7.5.1.182 CVEs
7.5.2.182 CVEs
7.6.0.112 CVEs
7.7.0.02 CVEs
7.7.1.32 CVEs
10.0.1.11 CVE
10.0.1.81 CVE
10.1.0.51 CVE
10.1.0.71 CVE
2018.4.1.161 CVE
2018.4.1.201 CVE
2018.4.1.51 CVE
2018.4.1.61 CVE
2108.4.1.181 CVE
7.5.0.181 CVE
7.5.1.171 CVE
7.5.2.171 CVE
7.6.0.101 CVE
7.6.0.141 CVE
7.6.0.151 CVE
CD1 CVE

Fixed in

10.5.0.14 CVEs
10.5.0.212 CVEs
10.6.0.92 CVEs
10.6.6.02 CVEs
10.0.1.61 CVE
10.0.1.81 CVE
10.0.1.91 CVE
10.0.4.01 CVE
10.0.5.01 CVE
10.5.01 CVE
10.5.0.21 CVE
2018.4.1.191 CVE
2018.4.1.211 CVE
2018.4.1.221 CVE

Find a version

40 CVEs

Sort

IBM DataPower Gateway vulnerable to CSRF
CVE-2025-36375
Patch
CWE-352
Medium · CVSS 6.5
EPSS 0.0% (0th pct)2026-04-01
Incorrect administrative access control in IBM DataPower Gateway
CVE-2025-36373
Patch
CWE-497
Medium · CVSS 4.1
EPSS 0.0% (11th pct)2026-04-01
Low vulnerability · 2022-11-22
CVE-2022-40228
Patch
CWE-613
Low · CVSS 3.7
EPSS 0.2% (41th pct)2022-11-22
High vulnerability · 2022-08-26
CVE-2022-31773
Patch
High · CVSS 8.8
EPSS 0.1% (30th pct)2022-08-26
Medium vulnerability · 2022-07-31
CVE-2022-32750
Patch
Medium · CVSS 5.4
EPSS 0.3% (56th pct)2022-07-31
Medium vulnerability · 2022-07-31
CVE-2022-31776
Patch
Medium · CVSS 6.5
EPSS 0.1% (33th pct)2022-07-31
Medium vulnerability · 2022-07-31
CVE-2022-31775
Patch
Medium · CVSS 5.5
EPSS 0.3% (52th pct)2022-07-31
Medium vulnerability · 2022-07-31
CVE-2022-31774
Patch
Medium · CVSS 5.4
EPSS 0.2% (47th pct)2022-07-31
Medium vulnerability · 2022-07-31
CVE-2022-22326
Patch
Medium · CVSS 4.0
EPSS 0.1% (17th pct)2022-07-31
Medium vulnerability · 2022-05-18
CVE-2021-38944
Patch
Medium · CVSS 4.8
EPSS 0.2% (36th pct)2022-05-18
Medium vulnerability · 2022-05-17
CVE-2021-38872
Patch
Medium · CVSS 5.3
EPSS 0.5% (64th pct)2022-05-17
Medium vulnerability · 2022-05-17
CVE-2020-4994
Patch
Medium · CVSS 5.3
EPSS 0.6% (69th pct)2022-05-17
Low vulnerability · 2022-03-10
CVE-2021-38910
Patch
Low · CVSS 3.7
EPSS 0.2% (48th pct)2022-03-10
Medium vulnerability · 2021-08-17
CVE-2020-4992
Patch
Medium · CVSS 4.3
EPSS 0.1% (28th pct)2021-08-17
Low vulnerability · 2021-06-07
CVE-2020-5008
Patch
Low · CVSS 3.7
EPSS 0.1% (35th pct)2021-06-07
Medium vulnerability · 2021-03-12
CVE-2020-4831
Patch
Medium · CVSS 5.9
EPSS 0.1% (29th pct)2021-03-12
Medium vulnerability · 2021-03-08
CVE-2020-5014
Patch
Medium · CVSS 6.7
EPSS 0.7% (72th pct)2021-03-08
Medium vulnerability · 2020-10-06
CVE-2020-4528
Patch
Medium · CVSS 5.9
EPSS 0.0% (15th pct)2020-10-06
High vulnerability · 2020-09-21
CVE-2020-4581
Patch
High · CVSS 7.5
EPSS 0.7% (73th pct)2020-09-21
High vulnerability · 2020-09-21
CVE-2020-4580
Patch
High · CVSS 7.5
EPSS 0.7% (73th pct)2020-09-21
High vulnerability · 2020-09-21
CVE-2020-4579
Patch
High · CVSS 7.5
EPSS 1.6% (82th pct)2020-09-21
Medium vulnerability · 2020-03-19
CVE-2020-4205
Patch
Medium · CVSS 5.0
EPSS 0.1% (29th pct)2020-03-19
Medium vulnerability · 2020-03-19
CVE-2020-4203
Patch
Medium · CVSS 4.9
EPSS 0.3% (50th pct)2020-03-19
High vulnerability · 2019-12-09
CVE-2019-4621
Patch
High · CVSS 8.1
EPSS 0.8% (75th pct)2019-12-09
High vulnerability · 2019-08-20
CVE-2019-4294
Patch
High · CVSS 8.4
EPSS 0.2% (38th pct)2019-08-20
Medium vulnerability · 2019-02-07
CVE-2018-1666
Patch
Medium · CVSS 4.3
EPSS 0.2% (37th pct)2019-02-07
Medium vulnerability · 2019-01-29
CVE-2018-1668
Patch
Medium · CVSS 5.3
EPSS 0.2% (36th pct)2019-01-29
Medium vulnerability · 2018-12-20
CVE-2018-1677
Patch
Medium · CVSS 5.1
EPSS 0.0% (15th pct)2018-12-20
Medium vulnerability · 2018-12-20
CVE-2018-1661
Patch
Medium · CVSS 6.5
EPSS 0.1% (31th pct)2018-12-20
Medium vulnerability · 2018-12-13
CVE-2018-1667
Patch
Medium · CVSS 5.4
EPSS 0.1% (29th pct)2018-12-13

Showing 30 of 40

Severity and exploitation

ibm datapower gateway Vulnerabilities

Overview

Severity and exploitation

Affected versions and CVEs

Specific versions

Fixed in

Common weakness types

Disclosure activity by year

Other ibm products

Frequently asked questions

How many CVEs does ibm datapower gateway have?

How many ibm datapower gateway CVEs are in CISA KEV?

Are there public exploits for ibm datapower gateway vulnerabilities?

Which versions of ibm datapower gateway are affected?

What are the most common weakness types in ibm datapower gateway CVEs?

What is the average severity of ibm datapower gateway CVEs?

References

Track ibm datapower gateway vulnerabilities