SymmetricalDataSecurity: IBM Security Bulletin: API Connect Developer Portal is affected by authenticated user access to sensitive information vulnerability (CVE-2017-1785)

Saturday, February 3, 2018

IBM Security Bulletin: API Connect Developer Portal is affected by authenticated user access to sensitive information vulnerability (CVE-2017-1785)

API Connect has addressed the following vulnerability. API Connect Developer Portal could allow an authenticated remote user to modify query parameters to obtain sensitive information.

CVE(s): CVE-2017-1785

Affected product(s) and affected version(s):

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22013061
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/136859

The post IBM Security Bulletin: API Connect Developer Portal is affected by authenticated user access to sensitive information vulnerability (CVE-2017-1785) appeared first on IBM PSIRT Blog.

Affected API Connect	Affected Versions
IBM API Connect	5.0.7.0-5.0.7.2
IBM API Connect	5.0.8.0-5.0.8.1

from IBM Product Security Incident Response Team http://ift.tt/2DXsdjS

SymmetricalDataSecurity

Saturday, February 3, 2018

IBM Security Bulletin: API Connect Developer Portal is affected by authenticated user access to sensitive information vulnerability (CVE-2017-1785)

No comments:

Post a Comment

Blog Archive

Search This Blog

Total Pageviews