Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm api connect vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-1379
IBM API Connect 5.0.0.0 could allow a remote malicious user to obtain sensitive information, caused by improper handling of requests to the Developer Portal. IBM X-Force ID: 127002.
Ibm Api Connect 5.0.3.0
Ibm Api Connect 5.0.5.0
Ibm Api Connect 5.0.7.1
Ibm Api Connect 5.0.0.1
Ibm Api Connect 5.0.1.0
Ibm Api Connect 5.0.6.0
Ibm Api Connect 5.0.6.1
Ibm Api Connect 5.0.6.2
Ibm Api Connect 5.0.7.0
Ibm Api Connect 5.0.2.0
Ibm Api Connect 5.0.4.0
Ibm Api Connect 5.0.0.0
7.5
CVSSv3
CVE-2016-3012
IBM API Connect (aka APIConnect) prior to 5.0.3.0 with NPM prior to 2.2.8 includes certain internal server credentials in the software package, which might allow remote malicious users to bypass intended access restrictions by leveraging knowledge of these credentials.
Ibm Api Connect
Ibm Network Path Manager
7.3
CVSSv3
CVE-2017-1161
IBM API Connect 5.0.6.0 could allow a remote malicious user to execute arbitrary commands on the system, caused by improper validation of URLs for the Developer Portal. By crafting a malicious URL, an attacker could exploit this vulnerability to execute arbitrary commands on the ...
Ibm Api Connect 5.0.6.0
7.2
CVSSv3
CVE-2020-4638
IBM API Connect's API Manager 2018.4.1.0 up to and including 2018.4.1.12 is vulnerable to privilege escalation. An invitee to an API Provider organization can escalate privileges by manipulating the invitation link. IBM X-Force ID: 185508.
Ibm Api Connect
7.2
CVSSv3
CVE-2018-1973
IBM API Connect 5.0.0.0 up to and including 5.0.8.4 allows a user with limited 'API Administrator level access to give themselves full 'Administrator' level access through the members functionality. IBM X-Force ID: 153914.
Ibm Api Connect
6.5
CVSSv3
CVE-2022-43922
IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 could disclose sensitive information to an attacker due to a weak hash of an API Key in the configuration. IBM X-Force ID: 241583.
Ibm App Connect Enterprise Certified Container 4.1
Ibm App Connect Enterprise Certified Container 4.2
Ibm App Connect Enterprise Certified Container 5.0
Ibm App Connect Enterprise Certified Container 5.1
Ibm App Connect Enterprise Certified Container 5.2
Ibm App Connect Enterprise Certified Container 6.0
Ibm App Connect Enterprise Certified Container 6.1
Ibm App Connect Enterprise Certified Container 6.2
6.5
CVSSv3
CVE-2020-4903
IBM API Connect V10 and V2018 could allow an attacker who has intercepted a registration invitation link to impersonate the registered user or obtain sensitive information. IBM X-Force ID: 191105.
Ibm Api Connect
6.5
CVSSv3
CVE-2020-4828
IBM API Connect 10.0.0.0 up to and including 10.0.1.0 and 2018.4.1.0 up to and including 2018.4.1.13 is vulnerable to web cache poisoning, caused by improper input validation by modifying HTTP request headers. IBM X-Force ID: 189842.
Ibm Api Connect 10.0.0.0
Ibm Api Connect 10.0.1.0
Ibm Api Connect
6.5
CVSSv3
CVE-2020-4337
IBM API Connect 2018.4.1.0 up to and including 2018.4.1.12 could allow an malicious user to launch phishing attacks by tricking the server to generate user registration emails that contain malicious URLs. IBM X-Force ID: 177933.
Ibm Api Connect
6.5
CVSSv3
CVE-2018-2009
IBM API Connect v2018.1 and 2018.4.1 is affected by an information disclosure vulnerability in the consumer API. Any registered user can obtain a list of all other users in all other orgs, including email id/names, etc. IBM X-Force ID: 155148.
Ibm Api Connect
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »