5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
4.7 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:C/I:N/A:N
IBM has released the 5.0.8.2 iFix for IBM API Connect in response to CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754.
CVEID: CVE-2017-5753
CVEID: CVE-2017-5715
CVEID: CVE-2017-5754
IBM API Management 4.0.0.0-4.0.4.6
IBM API Connect 5.0.0.0-5.0.6.6
IBM API Connect 5.0.7.0-5.0.7.2
IBM API Connect 5.0.8.0-5.0.8.2
Affected Product
| Addressed in VRMF|APAR|Remediation/First Fix
—|—|—|—
IBM API Management
4.0.0.0-4.0.4.6| 5.0.8.2| LI80028| Addressed in IBM API Connect V5.0.8.2 Developer Portal iFix.
Follow this link and find the lastest 5.0.8.2 API Connect packages / iFix packages.
5.0.0.0-5.0.6.6| 5.0.8.2| LI80028| Addressed in IBM API Connect V5.0.8.2 Developer Portal iFix.
Follow this link and find the lastest 5.0.8.2 API Connect packages / iFix packages.
5.0.7.0-5.0.7.2| 5.0.8.2| LI80028| Addressed in IBM API Connect V5.0.8.2 Developer Portal iFix.
Follow this link and find the lastest 5.0.8.2 API Connect packages / iFix packages.
5.0.8.0-5.0.8.2| 5.0.8.2| LI80028| Addressed in IBM API Connect V5.0.8.2 Developer Portal iFix.
Follow this link and find the lastest 5.0.8.2 API Connect packages / iFix packages.
None
5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
4.7 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:M/Au:N/C:C/I:N/A:N