Lucene search

Api Connect Security Vulnerabilities - 2023

cve

CVE-2022-34350

IBM API Connect 10.0.0.0 through 10.0.5.0, 10.0.1.0 through 10.0.1.7, and 2018.4.1.0 through 2018.4.1.20 is vulnerable to External Service Interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to perfor...

7.5CVSS

7.4AI Score

0.001EPSS

2023-02-08 08:15 PM

cve

CVE-2023-28522

IBM API Connect V10 could allow an authenticated user to perform actions that they should not have access to. IBM X-Force ID: 250585.

8.8CVSS

8.5AI Score

0.001EPSS

2023-05-12 02:15 AM

cve

CVE-2023-47722

IBM API Connect V10.0.5.3 and V10.0.6.0 stores user credentials in browser cache which can be read by a local user. IBM X-Force ID: 271912.

6.2CVSS

5.1AI Score

0.0004EPSS

2023-12-09 03:15 AM