Api Connect Security Vulnerabilities and Issues — Api Connect CVE List

Lucene search

IbmApi Connect

3 matches found

CVE•added 2018/04/30 2:29 p.m.•36 views

CVE-2018-1389

IBM API Connect 5.0.0.0 through 5.0.8.2 is impacted by generated LoopBack APIs for a Model using the BelongsTo/HasMany relationship allowing unauthorized modification of information. IBM X-Force ID: 138213.

6.5CVSS6.3AI score0.00215EPSS

CVE•added 2018/04/04 6:29 p.m.•32 views

CVE-2018-1469

IBM API Connect Developer Portal 5.0.0.0 through 5.0.8.2 could allow an unauthenticated attacker to execute system commands using specially crafted HTTP requests. IBM X-Force ID: 140605.

10CVSS9.1AI score0.00466EPSS

CVE•added 2018/04/30 2:29 p.m.•29 views

CVE-2018-1430

IBM API Connect 5.0.0.0 through 5.0.8.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 139226.

5.4CVSS5.2AI score0.00237EPSS