Ibm

Api Connect

81 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.43%
  • Veröffentlicht 29.10.2019 00:15:11
  • Zuletzt bearbeitet 21.11.2024 04:43:49

IBM API Connect version V5.0.0.0 through 5.0.8.7 could reveal sensitive information to an attacker using a specially crafted HTTP request. IBM X-Force ID: 167883.

  • EPSS 1.45%
  • Veröffentlicht 20.08.2019 20:15:13
  • Zuletzt bearbeitet 21.11.2024 04:43:36

IBM API Connect 2018.1 through 2018.4.1.6 may inadvertently leak sensitive details about internal servers and network via API swagger. IBM X-force ID: 162947.

  • EPSS 2.57%
  • Veröffentlicht 20.08.2019 19:15:16
  • Zuletzt bearbeitet 21.11.2024 04:43:38

IBM API Connect 5.0.0.0 through 5.0.8.6 developer portal could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the ...

  • EPSS 1.64%
  • Veröffentlicht 20.08.2019 19:15:11
  • Zuletzt bearbeitet 21.11.2024 04:43:33

IBM API Connect 2018.1 through 2018.4.1.6 developer portal could allow an unauthorized user to cause a denial of service via an unprotected API. IBM X-Force ID: 162263.

  • EPSS 7.83%
  • Veröffentlicht 25.06.2019 16:15:10
  • Zuletzt bearbeitet 21.11.2024 04:43:31

IBM API Connect 5.0.0.0 through 5.0.8.6 could allow an unauthorized user to obtain sensitive information about the system users using specially crafted HTTP requests. IBM X-Force ID: 162162.

  • EPSS 1.76%
  • Veröffentlicht 25.06.2019 16:15:10
  • Zuletzt bearbeitet 21.11.2024 04:03:35

IBM API Connect 2018.1 through 2018.4.1.5 could disclose sensitive information to an unauthorized user that could aid in further attacks against the system. IBM X-Force ID: 155193.

  • EPSS 2.77%
  • Veröffentlicht 25.06.2019 16:15:10
  • Zuletzt bearbeitet 21.11.2024 04:03:35

IBM API Connect 2018.1 through 2018.4.1.5 could allow an attacker to obtain sensitive information from a specially crafted HTTP request that could aid an attacker in further attacks against the system. IBM X-Force ID: 155150.

  • EPSS 0.92%
  • Veröffentlicht 25.06.2019 16:15:10
  • Zuletzt bearbeitet 21.11.2024 04:00:30

IBM API Connect 5.0.0.0 through 5.0.8.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 151256.

  • EPSS 1.33%
  • Veröffentlicht 29.05.2019 15:29:00
  • Zuletzt bearbeitet 21.11.2024 04:43:23

IBM API Connect 5.0.0.0 through 5.0.8.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 159944.

  • EPSS 0.98%
  • Veröffentlicht 22.05.2019 15:29:02
  • Zuletzt bearbeitet 21.11.2024 04:00:42

IBM API Connect 5.0.0.0, and 5.0.8.6 could could return sensitive information that could provide critical information as to the underlying software stack in CMC UI headers. IBM X-Force ID: 154284.