Api Connect Security Vulnerabilities and Issues — Api Connect CVE List

Lucene search

IbmApi Connect

3 matches found

CVE•added 2018/07/06 2:29 p.m.•40 views

CVE-2018-1546

IBM API Connect 5.0.0.0 through 5.0.8.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Forc...

5.9CVSS5.4AI score0.00229EPSS

CVE•added 2018/07/09 1:29 p.m.•39 views

CVE-2018-1548

IBM API Connect 2018.1.0.0, 2018.2.1, 2018.2.2, 2018.2.3, and 2018.2.4 contains a vulnerability that could allow an authenticated user to obtain sensitive information. IBM X-Force ID: 142657.

4.3CVSS4.2AI score0.00163EPSS

CVE•added 2018/07/31 1:29 p.m.•37 views

CVE-2018-1638

IBM API Connect 5.0.0.0-5.0.8.3 Developer Portal does not enforce Two Factor Authentication (TFA) while resetting a user password but enforces it for all other login scenarios. IBM X-Force ID: 144483.

8.1CVSS7.9AI score0.00205EPSS