EUVD-2018-12570

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

IBM API Connect versions may expose sensitive information via CMC UI headers, IBM X-Force ID 154284.

Reporter	Title	Published	Views	Family All 7
IBM Security Bulletins	Security Bulletin: API Connect V5 is impacted by information disclosure (CVE-2018-1991)	19 May 201917:50	–	ibm
Circl	CVE-2018-1991	22 May 201915:48	–	circl
CNVD	IBM API Connect Information Disclosure Vulnerability (CNVD-2019-40899)	22 May 201900:00	–	cnvd
CVE	CVE-2018-1991	22 May 201914:45	–	cve
Cvelist	CVE-2018-1991	22 May 201914:45	–	cvelist
NVD	CVE-2018-1991	22 May 201915:29	–	nvd
Prion	Information disclosure	22 May 201915:29	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "01ec3bf0-b126-34ff-beda-707da1301b33",
        "vendor": {
          "name": "IBM"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "141f3aac-14f5-3cc2-a09c-2e68bb0d438f",
        "product": {
          "name": "API Connect"
        },
        "product_version": "5.0.0.0"
      },
      {
        "id": "a5864fb3-fa7a-3ae8-ab3c-9ac1d6d02534",
        "product": {
          "name": "API Connect"
        },
        "product_version": "5.0.8.6"
      }
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/docview.wss
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/154284
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

3.8Low risk

Vulners AI Score3.8

CVSS 32.7

CVSS 24

EPSS0.00141