Thursday, July 27, 2017

IBM Security Bulletin: Weaker than expected security in IBM API Connect Developer Portal (CVE-2017-6922)

IBM API Connect Developer Portal could allow a remote attacker to bypass security restrictions, caused by the failure to restrict access to the private file system.

CVE(s): CVE-2017-6922

Affected product(s) and affected version(s):

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2vb3kR3
X-Force Database: http://ift.tt/2w37G9b

The post IBM Security Bulletin: Weaker than expected security in IBM API Connect Developer Portal (CVE-2017-6922) appeared first on IBM PSIRT Blog.

Affected API Connect Affected Versions
IBM API Connect 5.0.0.0-5.0.7.1
IBM API Management 4.0.0.0-4.0.4.4


from IBM Product Security Incident Response Team http://ift.tt/2vaUv9F

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.