API Connect has addressed the following vulnerability. An authenticated user could be allowed to generate an API token when not subscribed to the application plan.
CVE(s): CVE-2017-1555
Affected product(s) and affected version(s):
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2wLzWgD
X-Force Database: http://ift.tt/2xtklpu
The post IBM Security Bulletin: API Connect is affected by a vulnerability by which an authenticated user could generate an API token appeared first on IBM PSIRT Blog.
| Affected API Connect | Affected Versions |
| IBM API Connect | 5.0.0.0-5.0.6.3 |
| IBM API Connect | 5.0.7.0-5.0.7.2 |
from IBM Product Security Incident Response Team http://ift.tt/2wLFt6C
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.