CVE-2017-1328

2017-06-2716:00:00

ibm

www.cve.org

0.002 Low

EPSS

Percentile

59.1%

JSON

IBM API Connect 5.0.0.0 - 5.0.6.0 could allow a remote attacker to bypass security restrictions of the api, caused by improper handling of security policy. By crafting a suitable request, an attacker could exploit this vulnerability to bypass security and use the vulnerable API. IBM X-Force ID: 126230.

CNA Affected

[
  {
    "product": "API Connect",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "5.0.1.0"
      },
      {
        "status": "affected",
        "version": "5.0.0.0"
      },
      {
        "status": "affected",
        "version": "5.0.2.0"
      },
      {
        "status": "affected",
        "version": "5.0.5.0"
      },
      {
        "status": "affected",
        "version": "5.0.6.0"
      },
      {
        "status": "affected",
        "version": "5.0.3.0"
      },
      {
        "status": "affected",
        "version": "5.0.4.0"
      }
    ]
  }
]