2 matches found
CVE-2018-1973
CVE-2018-1973 affects IBM API Connect 5.0.0.0–5.0.8.4. A user with limited API Administrator rights can elevate to full Administrator access via the members functionality. CVSS v3 base score 7.2 (HIGH); vectors: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H. Remediation: patch in V5.0.8.5 (fixpack) per IBM...
Security Bulletin: IBM API Connect V5 - Admin Users Can Elevate Own Permissions (CVE-2018-1973)
Summary IBM API Connect has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2018-1973 DESCRIPTION: API Connect V5 allows a user with limited 'API Administrator' level access to give themselves full 'Administrator' level access through the members functionality. CVSS Base...