Security Bulletin: IBM API Connect's Developer Portal is impacted by critical vulnerabilities in Drupal (SA-CORE-2019-009, SA-CORE-2019-011, SA-CORE-2019-012, SA-CORE-2019-010)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details Third Party Entry: 173284 DESCRIPTION: Drupal security bypass CVSS Base score: 5.3 CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/173284 for the current score. CVSS Vector:...

Security Bulletin: API Connect is impacted by a vulnerability in PHP (CVE-2019-11043)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-11043 DESCRIPTION: In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocat...

CVE-2019-4600

IBM API Connect version V5.0.0.0 through 5.0.8.7 could reveal sensitive information to an attacker using a specially crafted HTTP request. IBM X-Force ID: 167883...

Security Bulletin: IBM API Connect's Developer Portal(V5) is impacted by a a confidential information leak(CVE-2019-4600)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-4600 DESCRIPTION: IBM API Connect could reveal sensitive information to an attacker using a specially crafted HTTP request. CVSS Base Score: 5.3 CVSS Temporal Score: See for the current score...

IBM API Connect CVE-2019-4600 Information Disclosure Vulnerability

Description IBM API Connect is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. IBM API Connect 5.0.0.0 through 5.0.8.7 are vulnerable. Technologies Affected IBM API Connect 5.0.0.0 IBM API Connec...