Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
api connect vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2019-4553
IBM API Connect V5.0.0.0 up to and including 5.0.8.7iFix3 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 165958.
Ibm Api Connect
828
VMScore
CVE-2018-1778
IBM LoopBack (IBM API Connect 2018.1, 2018.4.1, 5.0.8.0, and 5.0.8.4) could allow an malicious user to bypass authentication if the AccessToken Model is exposed over a REST API, it is then possible for anyone to create an AccessToken for any User provided they know the userId and...
Ibm Api Connect
668
VMScore
CVE-2018-1784
IBM API Connect 5.0.0.0 and 5.0.8.4 is affected by a NoSQL Injection in MongoDB connector for the LoopBack framework. IBM X-Force ID: 148807.
Ibm Api Connect
578
VMScore
CVE-2018-1789
IBM API Connect v2018.1.0 through v2018.3.4 could allow an malicious user to send a specially crafted request to conduct a server side request forgery attack. IBM X-Force ID: 148939.
Ibm Api Connect
356
VMScore
CVE-2018-1932
IBM API Connect 5.0.0.0 up to and including 5.0.8.4 is affected by a vulnerability in the role-based access control in the management server that could allow an authenticated user to obtain highly sensitive information. IBM X-Force ID: 153175.
Ibm Api Connect
1 Github repository
312
VMScore
CVE-2020-4195
IBM API Connect V2018.4.1.0 up to and including 2018.4.1.10 could allow a remote malicious user to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click ...
Ibm Api Connect
312
VMScore
CVE-2020-4707
IBM API Connect 5.0.0.0 up to and including 5.0.8.11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ses...
Ibm Api Connect
605
VMScore
CVE-2018-1858
IBM API Connect 5.0.0.0 up to and including 5.0.8.6 is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 151256.
Ibm Api Connect
578
VMScore
CVE-2018-1859
IBM API Connect 5.0.0.0 up to and including 5.0.8.4 could allow a user authenticated as an administrator with limited rights to escalate their privileges. IBM X-Force ID: 151258.
Ibm Api Connect
801
VMScore
CVE-2018-1973
IBM API Connect 5.0.0.0 up to and including 5.0.8.4 allows a user with limited 'API Administrator level access to give themselves full 'Administrator' level access through the members functionality. IBM X-Force ID: 153914.
Ibm Api Connect
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
CVE-2024-20360
CVE-2021-47559
XXE
CVE-2024-5229
CVE-2021-47543
CVE-2021-47571
SSTI
CVE-2024-4978
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »