CVE-2018-1789

🗓️ 07 Sep 2018 16:00:00Reported by ibmType

IBM API Connect vulnerability, CVE-2018-1789, allows SSRF attac

Reporter	Title	Published	Views	Family All 7
IBM Security Bulletins	Security Bulletin: IBM API Connect is vulnerable to Server Side Request Forgery (CVE-2018-1789)	4 Sep 201820:56	–	ibm
CNVD	IBM API Connect Server-Side Request Forgery Vulnerability	11 Sep 201800:00	–	cnvd
Cvelist	CVE-2018-1789	7 Sep 201816:00	–	cvelist
EUVD	EUVD-2018-12368	7 Oct 202500:30	–	euvd
NVD	CVE-2018-1789	7 Sep 201815:29	–	nvd
OSV	CVE-2018-1789	7 Sep 201815:29	–	osv
Prion	Server side request forgery (ssrf)	7 Sep 201815:29	–	prion

NVD

Vulners

Node

ibm api_connectRange2018.1.0–2018.3.4

[
  {
    "product": "API Connect",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "2018.2.1"
      },
      {
        "status": "affected",
        "version": "2018.2.2"
      },
      {
        "status": "affected",
        "version": "2018.2.3"
      },
      {
        "status": "affected",
        "version": "2018.2.4"
      },
      {
        "status": "affected",
        "version": "2018.1.0"
      },
      {
        "status": "affected",
        "version": "2018.2.5"
      },
      {
        "status": "affected",
        "version": "2018.2.6"
      },
      {
        "status": "affected",
        "version": "2018.2.7"
      },
      {
        "status": "affected",
        "version": "2018.2.8"
      },
      {
        "status": "affected",
        "version": "2018.2.9"
      },
      {
        "status": "affected",
        "version": "2018.2.10"
      },
      {
        "status": "affected",
        "version": "2018.2.11"
      },
      {
        "status": "affected",
        "version": "2018.3.1"
      },
      {
        "status": "affected",
        "version": "2018.3.2"
      },
      {
        "status": "affected",
        "version": "2018.3.3"
      },
      {
        "status": "affected",
        "version": "2018.3.4"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/docview.wss
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/148939

21 Nov 2024 04:00Current

8.8High risk

Vulners AI Score8.8

CVSS 26.5

CVSS 38.4 - 9.9

EPSS0.00174

CWE-918