Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
api connect vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2019-4256
IBM API Connect 5.0.0.0 up to and including 5.0.8.6 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 159944.
Ibm Api Connect
5
CVSSv2
CVE-2019-4382
IBM API Connect 5.0.0.0 up to and including 5.0.8.6 could allow an unauthorized user to obtain sensitive information about the system users using specially crafted HTTP requests. IBM X-Force ID: 162162.
Ibm Api Connect
5
CVSSv2
CVE-2019-4402
IBM API Connect 2018.1 up to and including 2018.4.1.6 developer portal could allow an unauthorized user to cause a denial of service via an unprotected API. IBM X-Force ID: 162263.
Ibm Api Connect
5
CVSSv2
CVE-2019-4437
IBM API Connect 2018.1 up to and including 2018.4.1.6 may inadvertently leak sensitive details about internal servers and network via API swagger. IBM X-force ID: 162947.
Ibm Api Connect
2.1
CVSSv2
CVE-2019-4444
IBM API Connect 2018.1 up to and including 2018.4.1.7 Developer Portal's user registration page does not disable password autocomplete. An attacker with access to the browser instance and local system credentials can steal the credentials used for registration. IBM X-Force I...
Ibm Api Connect
6.5
CVSSv2
CVE-2020-4638
IBM API Connect's API Manager 2018.4.1.0 up to and including 2018.4.1.12 is vulnerable to privilege escalation. An invitee to an API Provider organization can escalate privileges by manipulating the invitation link. IBM X-Force ID: 185508.
Ibm Api Connect
3.5
CVSSv2
CVE-2020-4707
IBM API Connect 5.0.0.0 up to and including 5.0.8.11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ses...
Ibm Api Connect
3.5
CVSSv2
CVE-2020-4838
IBM API Connect 5.0.0.0 up to and including 5.0.8.10 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trus...
Ibm Api Connect
6.4
CVSSv2
CVE-2020-4903
IBM API Connect V10 and V2018 could allow an attacker who has intercepted a registration invitation link to impersonate the registered user or obtain sensitive information. IBM X-Force ID: 191105.
Ibm Api Connect
3.5
CVSSv2
CVE-2020-4195
IBM API Connect V2018.4.1.0 up to and including 2018.4.1.10 could allow a remote malicious user to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click ...
Ibm Api Connect
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »