Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

ibm api connect 5.0.7.0 vulnerabilities and exploits

(subscribe to this query)
6.5
CVSSv3
CVE-2017-1556
IBM API Connect 5.0.7.0 up to and including 5.0.7.2 is vulnerable to a regular expression attack that could allow an authenticated malicious user to use a regex and cause the system to slow or hang. IBM X-Force ID: 131546.
Ibm Api Connect 5.0.7.0Ibm Api Connect 5.0.7.1Ibm Api Connect 5.0.7.2
4.3
CVSSv3
CVE-2017-1785
IBM API Connect 5.0.7 and 5.0.8 could allow an authenticated remote user to modify query parameters to obtain sensitive information. IBM X-Force ID: 136859.
Ibm Api Connect 5.0.7.1Ibm Api Connect 5.0.8.0Ibm Api Connect 5.0.8.1Ibm Api Connect 5.0.7.0Ibm Api Connect 5.0.7.2
5.4
CVSSv3
CVE-2018-1382
IBM API Connect 5.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138079.
Ibm Api Connect 5.0.7.2Ibm Api Connect 5.0.8.1Ibm Api Connect 5.0.7.0Ibm Api Connect 5.0.8.0Ibm Api Connect 5.0.7.1Ibm Api Connect
8.2
CVSSv3
CVE-2017-1322
IBM API Connect 5.0.6.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 125918.
Ibm Api Connect 5.0.6.2Ibm Api Connect 5.0.1.0Ibm Api Connect 5.0.0.0Ibm Api Connect 5.0.6.0Ibm Api Connect 5.0.5.0Ibm Api Connect 5.0.4.0Ibm Api Connect 5.0.3.0Ibm Api Connect 5.0.2.0Ibm Api Connect 5.0.7.0Ibm Api Connect 5.0.6.1Ibm Api Connect 5.0.0.1
7.5
CVSSv3
CVE-2017-1379
IBM API Connect 5.0.0.0 could allow a remote malicious user to obtain sensitive information, caused by improper handling of requests to the Developer Portal. IBM X-Force ID: 127002.
Ibm Api Connect 5.0.3.0Ibm Api Connect 5.0.5.0Ibm Api Connect 5.0.7.1Ibm Api Connect 5.0.0.1Ibm Api Connect 5.0.1.0Ibm Api Connect 5.0.6.0Ibm Api Connect 5.0.6.1Ibm Api Connect 5.0.6.2Ibm Api Connect 5.0.7.0Ibm Api Connect 5.0.2.0Ibm Api Connect 5.0.4.0Ibm Api Connect 5.0.0.0
6.1
CVSSv3
CVE-2017-1551
IBM API Connect 5.0.0.0 up to and including 5.0.7.2 could allow a remote malicious user to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions ...
Ibm Api Connect 5.0.0.0Ibm Api Connect 5.0.0.1Ibm Api Connect 5.0.7.2Ibm Api Connect 5.0.5.0Ibm Api Connect 5.0.6.0Ibm Api Connect 5.0.6.1Ibm Api Connect 5.0.6.2Ibm Api Connect 5.0.1.0Ibm Api Connect 5.0.3.0Ibm Api Connect 5.0.6.4Ibm Api Connect 5.0.7.1Ibm Api Connect 5.0.2.0Ibm Api Connect 5.0.4.0Ibm Api Connect 5.0.6.3Ibm Api Connect 5.0.7.0
4.3
CVSSv3
CVE-2017-1555
IBM API Connect 5.0.0.0 up to and including 5.0.7.2 could allow an authenticated user to generate an API token when not subscribed to the application plan. IBM X-Force ID: 131545.
Ibm Api Connect 5.0.6.1Ibm Api Connect 5.0.6.2Ibm Api Connect 5.0.6.3Ibm Api Connect 5.0.6.4Ibm Api Connect 5.0.4.0Ibm Api Connect 5.0.6.0Ibm Api Connect 5.0.7.0Ibm Api Connect 5.0.7.2Ibm Api Connect 5.0.0.0Ibm Api Connect 5.0.0.1Ibm Api Connect 5.0.1.0Ibm Api Connect 5.0.2.0Ibm Api Connect 5.0.3.0Ibm Api Connect 5.0.5.0Ibm Api Connect 5.0.7.1
5.9
CVSSv3
CVE-2017-1386
IBM API Connect 5.0.0.0 could allow a user to bypass policy restrictions and create non-compliant passwords which could be intercepted and decrypted using man in the middle techniques. IBM X-Force ID: 127160.
Ibm Api Connect 5.0.2.0Ibm Api Connect 5.0.4.0Ibm Api Connect 5.0.0.0Ibm Api Connect 5.0.0.1Ibm Api Connect 5.0.1.0Ibm Api Connect 5.0.6.0Ibm Api Connect 5.0.6.1Ibm Api Connect 5.0.6.2Ibm Api Connect 5.0.7.0Ibm Api Connect 5.0.3.0Ibm Api Connect 5.0.5.0Ibm Api Management 4.0.0.1Ibm Api Management 4.0.4.1Ibm Api Management 4.0.4.0Ibm Api Management 4.0.2.0Ibm Api Management 4.0.0.0Ibm Api Management 4.0.4.2Ibm Api Management 4.0.4.3Ibm Api Management 4.0.4.4Ibm Api Management 4.0.4.5Ibm Api Management 4.0.2.1Ibm Api Management 4.0.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook