EUVD-2018-11968

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

IBM API Connect versions 5.0.0.0 to 5.0.8.2 allow unauthorized modifications via LoopBack APIs.

Reporter	Title	Published	Views	Family All 7
IBM Security Bulletins	Security Bulletin: API Connect is affected by a generated LoopBack APIs vulnerability (CVE-2018-1389)	15 Jun 201807:08	–	ibm
CNVD	IBM API Connect Security Bypass Vulnerability (CNVD-2018-09233)	3 May 201800:00	–	cnvd
CVE	CVE-2018-1389	30 Apr 201814:00	–	cve
Cvelist	CVE-2018-1389	30 Apr 201814:00	–	cvelist
NVD	CVE-2018-1389	30 Apr 201814:29	–	nvd
OSV	CVE-2018-1389	30 Apr 201814:29	–	osv
Prion	Design/Logic Flaw	30 Apr 201814:29	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "7a79dd3c-ac12-30ad-a1a2-b9caa5ce2594",
        "vendor": {
          "name": "IBM"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "00ff54a7-cd9e-3890-9077-9670e4851e80",
        "product": {
          "name": "API Connect"
        },
        "product_version": "5.0.2.0"
      },
      {
        "id": "15ba37e3-d09b-3102-89b2-7d5d93f769fd",
        "product": {
          "name": "API Connect"
        },
        "product_version": "5.0.4.0"
      },
      {
        "id": "1921a125-5b97-3cd1-8dc2-32eda095fde1",
        "product": {
          "name": "API Connect"
        },
        "product_version": "5.0.6.5"
      },
      {
        "id": "364de209-7d83-363b-b7f3-7489cbc430db",
        "product": {
          "name": "API Connect"
        },
        "product_version": "5.0.6.2"
      },
      {
        "id": "3756fcf1-6807-3b91-a7a6-ee8616b66773",
        "product": {
          "name": "API Connect"
        },
        "product_version": "5.0.0.0"
      },
      {
        "id": "3bf61d6d-ccfe-3795-abd9-936c05da86f5",
        "product": {
          "name": "API Connect"
        },
        "product_version": "5.0.6.4"
      },
      {
        "id": "3d3ab01f-5ad9-3928-831f-45a54de44e72",
        "product": {
          "name": "API Connect"
        },
        "product_version": "5.0.1.0"
      },
      {
        "id": "466a307c-87e7-341a-b9eb-60d3cf7b5fb9",
        "product": {
          "name": "API Connect"
        },
        "product_version": "5.0.6.3"
      },
      {
        "id": "5bc89c7d-1e18-3636-a48d-9913c1f683eb",
        "product": {
          "name": "API Connect"
        },
        "product_version": "5.0.5.0"
      },
      {
        "id": "601520b5-973b-3308-a3c0-86018ae13e70",
        "product": {
          "name": "API Connect"
        },
        "product_version": "5.0.6.0"
      },
      {
        "id": "6b823266-37f8-36f8-9f22-94617fabdef2",
        "product": {
          "name": "API Connect"
        },
        "product_version": "5.0.7.2"
      },
      {
        "id": "73828c6a-c79d-3b7e-b433-ede09d9e2dad",
        "product": {
          "name": "API Connect"
        },
        "product_version": "5.0.7.0"
      },
      {
        "id": "771a0a7b-ac9f-3780-86f2-1760a00b8788",
        "product": {
          "name": "API Connect"
        },
        "product_version": "5.0.8.0"
      },
      {
        "id": "77ccb1e8-3fb4-39a7-94b3-b671fc17feba",
        "product": {
          "name": "API Connect"
        },
        "product_version": "5.0.8.1"
      },
      {
        "id": "8df128b4-f60e-3150-af07-fde0130a1c5c",
        "product": {
          "name": "API Connect"
        },
        "product_version": "5.0.8.2"
      },
      {
        "id": "98bb5ab9-c709-3b5a-9fe0-6a143b511f91",
        "product": {
          "name": "API Connect"
        },
        "product_version": "5.0.6.1"
      },
      {
        "id": "aeb37e47-5631-329d-9b57-480f1404d4e6",
        "product": {
          "name": "API Connect"
        },
        "product_version": "5.0.7.1"
      },
      {
        "id": "ecbd7758-de34-3847-82af-4fae8d05f26d",
        "product": {
          "name": "API Connect"
        },
        "product_version": "5.0.3.0"
      }
    ]
  }
]

Source	Link
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/138213
securityfocus	www.securityfocus.com/bid/104026
ibm	www.ibm.com/support/docview.wss
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.6Medium risk

Vulners AI Score6.6

CVSS 36.5

CVSS 24

EPSS0.00215