IBM API Connect Developer Portal could allow a remote attacker to bypass security restrictions, caused by the failure to restrict access to the private file system.
CVE(s): CVE-2017-6922
Affected product(s) and affected version(s):
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2vb3kR3
X-Force Database: http://ift.tt/2w37G9b
The post IBM Security Bulletin: Weaker than expected security in IBM API Connect Developer Portal (CVE-2017-6922) appeared first on IBM PSIRT Blog.
| Affected API Connect | Affected Versions |
| IBM API Connect | 5.0.0.0-5.0.7.1 |
| IBM API Management | 4.0.0.0-4.0.4.4 |
from IBM Product Security Incident Response Team http://ift.tt/2vaUv9F
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.