Lucene search
K
IbmApi Management

6 matches found

CVE
CVE
added 2017/07/31 9:0 p.m.56 views

CVE-2017-1386

CVE-2017-1386 affects IBM API Connect 5.0.0.0 (and related product versions) where a user could bypass password policy and create non‑compliant passwords that might be intercepted and decrypted via man‑in‑the‑middle techniques. The IBM Security Bulletin details affected ranges: API Connect 5.0.0....

5.9CVSS5.5AI score0.0116EPSS
CVE
CVE
added 2015/03/18 10:0 a.m.54 views

CVE-2015-0149

IBM API Management 3.0 before 3.0.4.1 has an access-control weakness in its developer portal, failing to restrict access to public and private APIs, enabling remote authenticated users to view or modify data via unspecified API calls. Root cause: insufficient API access restrictions. Affected: IB...

5.5CVSS5.8AI score0.0093EPSS
CVE
CVE
added 2013/07/18 10:0 p.m.46 views

CVE-2013-0559

CVE-2013-0559 is an XSS vulnerability in IBM Sterling B2B Integrator and IBM Sterling File Gateway. A remote attacker could execute scripts in a victim’s browser and potentially access sensitive data. Affected products: IBM Sterling B2B Integrator 5.0–5.2 and IBM Sterling File Gateway 2.0–2.2. Ba...

6.4CVSS6.3AI score0.01318EPSS
CVE
CVE
added 2014/10/26 6:0 p.m.46 views

CVE-2014-6133

CVE-2014-6133 affects IBM API Management 3.x before 3.0.1.0. The vulnerability allows local users to obtain sensitive ciphertext information via unspecified vectors. The connected documents do not specify the root cause, exact vulnerable component, exploit details, or remediation steps in the pro...

2.1CVSS5.7AI score0.0033EPSS
CVE
CVE
added 2014/06/08 11:0 p.m.45 views

CVE-2014-3036

The CVE-2014-3036 entry concerns IBM API Management 3.0.0.0. It describes an unspecified vulnerability where, when basic authentication is used for APIs, remote attackers could bypass topology-access restrictions and obtain sensitive information via unknown vectors. The available sources (NVD and...

4.3CVSS6.9AI score0.01289EPSS
CVE
CVE
added 2015/01/21 11:0 a.m.36 views

CVE-2014-6172

IBM API Management 3.0 before 3.0.4.0 IF1 contains an information disclosure vulnerability that lets remote attackers obtain sensitive analytics data in encrypted form via unspecified vectors. The available sources (NVD/CNVD/related entries) confirm the affected product and version range but do n...

5CVSS6.1AI score0.02072EPSS