Lucene search

K
IbmApi Connect

13 matches found

CVE
CVE
added 2019/05/29 3:29 p.m.59 views

CVE-2019-4256

IBM API Connect 5.0.0.0 through 5.0.8.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 159944.

7.5CVSS7.2AI score0.00158EPSS
CVE
CVE
added 2023/02/08 8:15 p.m.46 views

CVE-2022-34350

IBM API Connect 10.0.0.0 through 10.0.5.0, 10.0.1.0 through 10.0.1.7, and 2018.4.1.0 through 2018.4.1.20 is vulnerable to External Service Interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to perfor...

7.5CVSS6.3AI score0.00029EPSS
CVE
CVE
added 2019/12/18 5:16 p.m.43 views

CVE-2019-4609

IBM API Connect 2018.4.1.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 168510.

7.5CVSS7.2AI score0.00134EPSS
CVE
CVE
added 2018/11/20 2:29 p.m.42 views

CVE-2018-1779

IBM API Connect 2018.1 through 2018.3.7 could allow an unauthenticated attacker to cause a denial of service due to not setting limits on JSON payload size. IBM X-Force ID: 148802.

7.5CVSS7.3AI score0.00399EPSS
CVE
CVE
added 2020/06/29 2:15 p.m.42 views

CVE-2020-4452

IBM API Connect V2018.4.1.0 through 2018.4.1.11 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 181324.

7.5CVSS7.2AI score0.00112EPSS
CVE
CVE
added 2016/12/01 11:59 a.m.41 views

CVE-2016-3012

IBM API Connect (aka APIConnect) before 5.0.3.0 with NPM before 2.2.8 includes certain internal server credentials in the software package, which might allow remote attackers to bypass intended access restrictions by leveraging knowledge of these credentials.

7.5CVSS7.4AI score0.00186EPSS
CVE
CVE
added 2017/06/15 1:29 p.m.40 views

CVE-2017-1379

IBM API Connect 5.0.0.0 could allow a remote attacker to obtain sensitive information, caused by improper handling of requests to the Developer Portal. IBM X-Force ID: 127002.

7.5CVSS7.2AI score0.00312EPSS
CVE
CVE
added 2019/04/29 5:29 p.m.40 views

CVE-2018-2007

IBM API Connect 2018.1 and 2018.4.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 155078.

7.5CVSS7.2AI score0.00096EPSS
CVE
CVE
added 2017/04/17 9:59 p.m.37 views

CVE-2017-1161

IBM API Connect 5.0.6.0 could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of URLs for the Developer Portal. By crafting a malicious URL, an attacker could exploit this vulnerability to execute arbitrary commands on the system with the privilege...

7.5CVSS7.4AI score0.00375EPSS
CVE
CVE
added 2020/09/03 2:15 p.m.36 views

CVE-2020-4638

IBM API Connect's API Manager 2018.4.1.0 through 2018.4.1.12 is vulnerable to privilege escalation. An invitee to an API Provider organization can escalate privileges by manipulating the invitation link. IBM X-Force ID: 185508.

7.2CVSS6.9AI score0.00522EPSS
CVE
CVE
added 2020/03/24 4:15 p.m.34 views

CVE-2019-4553

IBM API Connect V5.0.0.0 through 5.0.8.7iFix3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 165958.

7.5CVSS7.2AI score0.00146EPSS
CVE
CVE
added 2019/08/20 7:15 p.m.32 views

CVE-2019-4460

IBM API Connect 5.0.0.0 through 5.0.8.6 developer portal could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 163681.

7.5CVSS7.2AI score0.00375EPSS
CVE
CVE
added 2021/03/08 6:15 p.m.32 views

CVE-2020-4695

IBM API Connect V10 is impacted by insecure communications during database replication. As the data replication happens over insecure communication channels, an attacker can view unencrypted data leading to a loss of confidentiality.

7.5CVSS7.3AI score0.00096EPSS