Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm api connect vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2019-4203
IBM API Connect 5.0.0.0 and 5.0.8.6 Developer Portal can be exploited by app developers to download arbitrary files from the host OS and potentially carry out SSRF attacks. IBM X-Force ID: 159124.
Ibm Api Connect
5
CVSSv2
CVE-2019-4256
IBM API Connect 5.0.0.0 up to and including 5.0.8.6 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 159944.
Ibm Api Connect
5
CVSSv2
CVE-2019-4382
IBM API Connect 5.0.0.0 up to and including 5.0.8.6 could allow an unauthorized user to obtain sensitive information about the system users using specially crafted HTTP requests. IBM X-Force ID: 162162.
Ibm Api Connect
5
CVSSv2
CVE-2019-4437
IBM API Connect 2018.1 up to and including 2018.4.1.6 may inadvertently leak sensitive details about internal servers and network via API swagger. IBM X-force ID: 162947.
Ibm Api Connect
5
CVSSv2
CVE-2019-4402
IBM API Connect 2018.1 up to and including 2018.4.1.6 developer portal could allow an unauthorized user to cause a denial of service via an unprotected API. IBM X-Force ID: 162263.
Ibm Api Connect
6.4
CVSSv2
CVE-2021-29715
IBM API Connect 5.0.0.0 up to and including 5.0.8.11 could alllow a remote user to obtain sensitive information or conduct denial of serivce attacks due to open ports. IBM X-Force ID: 201018.
Ibm Api Connect
7.5
CVSSv2
CVE-2021-29772
IBM API Connect 5.0.0.0 up to and including 5.0.8.11 could allow a user to potentially inject code due to unsanitized user input. IBM X-Force ID: 202774.
Ibm Api Connect
6.5
CVSSv2
CVE-2020-4638
IBM API Connect's API Manager 2018.4.1.0 up to and including 2018.4.1.12 is vulnerable to privilege escalation. An invitee to an API Provider organization can escalate privileges by manipulating the invitation link. IBM X-Force ID: 185508.
Ibm Api Connect
3.5
CVSSv2
CVE-2020-4707
IBM API Connect 5.0.0.0 up to and including 5.0.8.11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ses...
Ibm Api Connect
6.4
CVSSv2
CVE-2020-4899
IBM API Connect 5.0.0.0 up to and including 5.0.8.10 could potentially leak sensitive information or allow for data corruption due to plain text transmission of sensitive information across the network. IBM X-Force ID: 190990.
Ibm Api Connect
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »