Ibm

Api Connect

81 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.44%
  • Veröffentlicht 08.07.2026 15:24:38
  • Zuletzt bearbeitet 10.07.2026 16:59:16

IBM API Connect 10.0.8.0 through 10.0.8.9 and 12.1.0.0 through 12.1.0.3 contains an unauthenticated SQL injection vulnerability in the password reset functionality.

  • EPSS 0.37%
  • Veröffentlicht 08.07.2026 15:22:31
  • Zuletzt bearbeitet 10.07.2026 17:01:12

IBM API Connect 12.1.0.0 through 12.1.0.3 uses default credentials which could allow an attacker to gain unauthorized access to the application before the system enforces a credential update.

  • EPSS 8.67%
  • Veröffentlicht 26.12.2025 13:16:24
  • Zuletzt bearbeitet 31.12.2025 21:37:43

IBM API Connect 10.0.8.0 through 10.0.8.5, and 10.0.11.0 could allow a remote attacker to bypass authentication mechanisms and gain unauthorized access to the application.

  • EPSS 0.24%
  • Veröffentlicht 09.12.2023 03:15:07
  • Zuletzt bearbeitet 21.11.2024 08:30:44

IBM API Connect V10.0.5.3 and V10.0.6.0 stores user credentials in browser cache which can be read by a local user. IBM X-Force ID: 271912.

  • EPSS 0.51%
  • Veröffentlicht 12.05.2023 02:15:09
  • Zuletzt bearbeitet 21.11.2024 07:55:16

IBM API Connect V10 could allow an authenticated user to perform actions that they should not have access to. IBM X-Force ID: 250585.

  • EPSS 0.65%
  • Veröffentlicht 08.02.2023 20:15:23
  • Zuletzt bearbeitet 21.11.2024 07:09:20

IBM API Connect 10.0.0.0 through 10.0.5.0, 10.0.1.0 through 10.0.1.7, and 2018.4.1.0 through 2018.4.1.20 is vulnerable to External Service Interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this ...

  • EPSS 0.38%
  • Veröffentlicht 12.12.2022 09:15:11
  • Zuletzt bearbeitet 21.11.2024 06:18:23

IBM API Connect V10.0.0.0 through V10.0.5.0, V10.0.1.0 through V10.0.1.7, and V2018.4.1.0 through 2018.4.1.19 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct...

  • EPSS 0.92%
  • Veröffentlicht 26.08.2021 20:15:07
  • Zuletzt bearbeitet 21.11.2024 06:01:46

IBM API Connect 5.0.0.0 through 5.0.8.11 could allow a user to potentially inject code due to unsanitized user input. IBM X-Force ID: 202774.

  • EPSS 1.64%
  • Veröffentlicht 26.08.2021 20:15:07
  • Zuletzt bearbeitet 21.11.2024 06:01:41

IBM API Connect 5.0.0.0 through 5.0.8.11 could alllow a remote user to obtain sensitive information or conduct denial of serivce attacks due to open ports. IBM X-Force ID: 201018.

  • EPSS 0.94%
  • Veröffentlicht 17.08.2021 14:15:07
  • Zuletzt bearbeitet 21.11.2024 05:33:09

IBM API Connect 5.0.0.0 through 5.0.8.10 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. By sending a specially crafted HTTP request, a remote attacker could exploit this vulnerability to inject HTT...