5.9
CVE-2017-1386
- EPSS 0.22%
- Veröffentlicht 31.07.2017 21:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
- Quelle psirt@us.ibm.com
- Teams Watchlist Login
- Unerledigt Login
IBM API Connect 5.0.0.0 could allow a user to bypass policy restrictions and create non-compliant passwords which could be intercepted and decrypted using man in the middle techniques. IBM X-Force ID: 127160.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Api Connect Version5.0.0.0
Ibm ≫ Api Connect Version5.0.0.1
Ibm ≫ Api Connect Version5.0.1.0
Ibm ≫ Api Connect Version5.0.2.0
Ibm ≫ Api Connect Version5.0.3.0
Ibm ≫ Api Connect Version5.0.4.0
Ibm ≫ Api Connect Version5.0.5.0
Ibm ≫ Api Connect Version5.0.6.0
Ibm ≫ Api Connect Version5.0.6.1
Ibm ≫ Api Connect Version5.0.6.2
Ibm ≫ Api Connect Version5.0.7.0
Ibm ≫ Api Management Version4.0.0.0
Ibm ≫ Api Management Version4.0.0.1
Ibm ≫ Api Management Version4.0.1.0
Ibm ≫ Api Management Version4.0.2.0
Ibm ≫ Api Management Version4.0.2.1
Ibm ≫ Api Management Version4.0.3.0
Ibm ≫ Api Management Version4.0.4.0
Ibm ≫ Api Management Version4.0.4.1
Ibm ≫ Api Management Version4.0.4.2
Ibm ≫ Api Management Version4.0.4.3
Ibm ≫ Api Management Version4.0.4.4
Ibm ≫ Api Management Version4.0.4.5
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.22% | 0.411 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.9 | 2.2 | 3.6 |
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|
CWE-521 Weak Password Requirements
The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.