9.8
CVE-2026-3144
- EPSS 0.37%
- Veröffentlicht 08.07.2026 15:22:31
- Zuletzt bearbeitet 10.07.2026 17:01:12
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM API Connect Default Credentials
IBM API Connect 12.1.0.0 through 12.1.0.3 uses default credentials which could allow an attacker to gain unauthorized access to the application before the system enforces a credential update.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Api Connect Version >= 12.1.0.0 < 12.1.1.0
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.37% | 0.294 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| psirt@us.ibm.com | 8.1 | 2.2 | 5.9 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-1392 Use of Default Credentials
The product uses default credentials (such as passwords or cryptographic keys) for potentially critical functionality.
https://www.ibm.com/support/pages/node/7278909