2 matches found
Security Bulletin: API Connect Developer Portal is affected by authenticated user access to sensitive information vulnerability (CVE-2017-1785)
Summary API Connect has addressed the following vulnerability. API Connect Developer Portal could allow an authenticated remote user to modify query parameters to obtain sensitive information. Vulnerability Details CVEID: CVE-2017-1785 DESCRIPTION: API Connect Developer Portal could allow an...
CVE-2017-1785
CVE-2017-1785 affects IBM API Connect 5.0.7.0–5.0.7.2 and 5.0.8.0–5.0.8.1. An authenticated remote user could modify query parameters to obtain sensitive information, indicating an information-disclosure vulnerability in the API Portal. The IBM Security Bulletin notes remediation in V5.0.8.2 (API...