Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm api connect vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2018-1468
IBM API Connect 5.0.8.1 and 5.0.8.2 could allow a user to get access to internal environment and sensitive API details to which they are not authorized. IBM X-Force ID: 140399.
Ibm Api Connect 5.0.8.2
Ibm Api Connect 5.0.8.1
4
CVSSv2
CVE-2018-1389
IBM API Connect 5.0.0.0 up to and including 5.0.8.2 is impacted by generated LoopBack APIs for a Model using the BelongsTo/HasMany relationship allowing unauthorized modification of information. IBM X-Force ID: 138213.
Ibm Api Connect
4
CVSSv2
CVE-2017-1785
IBM API Connect 5.0.7 and 5.0.8 could allow an authenticated remote user to modify query parameters to obtain sensitive information. IBM X-Force ID: 136859.
Ibm Api Connect 5.0.7.1
Ibm Api Connect 5.0.8.0
Ibm Api Connect 5.0.8.1
Ibm Api Connect 5.0.7.0
Ibm Api Connect 5.0.7.2
4
CVSSv2
CVE-2017-1555
IBM API Connect 5.0.0.0 up to and including 5.0.7.2 could allow an authenticated user to generate an API token when not subscribed to the application plan. IBM X-Force ID: 131545.
Ibm Api Connect 5.0.6.1
Ibm Api Connect 5.0.6.2
Ibm Api Connect 5.0.6.3
Ibm Api Connect 5.0.6.4
Ibm Api Connect 5.0.4.0
Ibm Api Connect 5.0.6.0
Ibm Api Connect 5.0.7.0
Ibm Api Connect 5.0.7.2
Ibm Api Connect 5.0.0.0
Ibm Api Connect 5.0.0.1
Ibm Api Connect 5.0.1.0
Ibm Api Connect 5.0.2.0
Ibm Api Connect 5.0.3.0
Ibm Api Connect 5.0.5.0
Ibm Api Connect 5.0.7.1
4
CVSSv2
CVE-2017-1556
IBM API Connect 5.0.7.0 up to and including 5.0.7.2 is vulnerable to a regular expression attack that could allow an authenticated malicious user to use a regex and cause the system to slow or hang. IBM X-Force ID: 131546.
Ibm Api Connect 5.0.7.0
Ibm Api Connect 5.0.7.1
Ibm Api Connect 5.0.7.2
3.8
CVSSv2
CVE-2020-4640
Certain IBM API Connect 10.0.0.0 up to and including 10.0.1.0 and 2018.4.1.0 up to and including 2018.4.1.13 configurations can result in sensitive information in the URL fragment identifiers. This information can be cached in the intermediate nodes like proxy servers, cdn, loggi...
Ibm Api Connect 10.0.0.0
Ibm Api Connect 10.0.1.0
Ibm Api Connect
3.6
CVSSv2
CVE-2019-15718
In systemd 240, bus_open_system_watch_bind_with_description in shared/bus-util.c (as used by systemd-resolved to connect to the system D-Bus instance), calls sd_bus_set_trusted, which disables access controls for incoming D-Bus messages. An unprivileged user can exploit this by e...
Systemd Project Systemd 240
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.1
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.4
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.1
Redhat Enterprise Linux For Power Little Endian Eus 8.2
Redhat Enterprise Linux For Ibm Z Systems Eus 8.2
Redhat Enterprise Linux For Ibm Z Systems Eus 8.1
Redhat Enterprise Linux For Power Little Endian Eus 8.1
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems Eus 8.4
3.5
CVSSv2
CVE-2020-4707
IBM API Connect 5.0.0.0 up to and including 5.0.8.11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted ses...
Ibm Api Connect
3.5
CVSSv2
CVE-2020-4825
IBM API Connect 10.0.0.0 up to and including 10.0.1.0 and 2018.4.1.0 up to and including 2018.4.1.13 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leadin...
Ibm Api Connect 10.0.0.0
Ibm Api Connect 10.0.1.0
Ibm Api Connect
3.5
CVSSv2
CVE-2020-4838
IBM API Connect 5.0.0.0 up to and including 5.0.8.10 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trus...
Ibm Api Connect
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
NEXT »