IBM API Connect server credentials used for a specific restricted scenario that is internal and do not involve authentication may have been exposed and packaged in the toolkit.
CVE(s): CVE-2016-3012
Affected product(s) and affected version(s):
All toolkit versions on or earlier than APIConnect v5.0.2.0, NPM version 2.1.19.
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2b1nl0L
X-Force Database: http://ift.tt/2aO9cak
from IBM Product Security Incident Response Team http://ift.tt/2b1nq4g
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.