Lucene search

IBM2CE5624EEBB8C27C83507FAEEABE7B314A21B34F8A9F848BFFE4AF2F5FB003FF

HistoryJul 27, 2020 - 6:55 p.m.

Security Bulletin: IBM API Connect is vulnerable to a denial of service vulnerability in Oracle MySQL (CVE-2020-2589)

2020-07-2718:55:11

www.ibm.com

0.001 Low

EPSS

Percentile

38.8%

JSON

Summary

IBM API Connect has addressed the following vulnerability.

Vulnerability Details

CVEID:CVE-2020-2589
**DESCRIPTION:**An unspecified vulnerability in Oracle MySQL related to the Server InnoDB component could allow an authenticated attacker to cause a denial of service resulting in a high availability impact using unknown attack vectors.
CVSS Base score: 4.9
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/174537 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

Affected Product(s)	Version(s)
API Connect

IBM API Connect

V2018.4.1.0-2018.4.1.11

Remediation/Fixes

Affected Product	Addressed in VRMF	APAR	Remediation/First Fix

IBM API Connect

V2018.4.1.0-2018.4.1.11

| 2018.4.1.12|

LI81612

Addressed in IBM API Connect V2018.4.1.12.

Developer Portal is impacted.

Follow this link and find the “portal” package.

http://www.ibm.com/support/fixcentral/swg/quickorder

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm api connecteq2018.4.1.0
ibm api connecteq2018.4.1.11

CPE	Name	Operator	Version
	ibm api connect	eq	2018.4.1.0
	ibm api connect	eq	2018.4.1.11

0.001 Low

EPSS

Percentile

38.8%

JSON

Related for 2CE5624EEBB8C27C83507FAEEABE7B314A21B34F8A9F848BFFE4AF2F5FB003FF