Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM0BB2927F4F38B4D3A1749D1EA1E642077A0EB218C3CDB0F4B9468997A8495F21
HistoryMar 27, 2019 - 10:35 p.m.

Security Bulletin: API Connect is affected by insecure caching (CVE-2018-1874)

2019-03-2722:35:01
www.ibm.com
15

EPSS

0.001

Percentile

37.0%

JSON

Summary

IBM API Connect has addressed the following vulnerability.

Vulnerability Details

CVEID:CVE-2018-1874
**DESCRIPTION:*IBM API Connect could display highly sensitive information to an attacker with physical access to the system.
CVSS Base Score: 4.6
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/151636&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

Affected Products and Versions

Affected IBM API Management Affected Versions
IBM API Connect 5.0.0.0-5.0.8.5

Remediation/Fixes

Product VRMF APAR Remediation / First Fix
IBM API Connect V5.0.8.0 - 5.0.8.5 5.0.8.6 fixpack LI80397

Addressed in IBM API Connect V5.0.8.6 fix pack.

Follow this link and find the APIConnect_Management package.
http://www.ibm.com/support/fixcentral/swg/quickorder?parent=ibm%7EWebSphere&product=ibm/WebSphere/IBM+API+Connect&release=5.0.8.5&platform=All&function=all&source=fc

Related

prion 1
cvelist 1
cve 1
nvd 1
prion
prion
Design/Logic Flaw
2019-04-02 14:29:00
cvelist
cvelist
CVE-2018-1874
2019-04-02 13:20:33
cve
cve
CVE-2018-1874
2019-04-02 14:29:00
nvd
nvd
CVE-2018-1874
2019-04-02 14:29:00

EPSS

0.001

Percentile

37.0%

JSON
Related for 0BB2927F4F38B4D3A1749D1EA1E642077A0EB218C3CDB0F4B9468997A8495F21
prion1cvelist1cve1nvd1