SymmetricalDataSecurity: IBM Security Bulletin: API Connect is affected by a vulnerability that could allow a specially crafted HTTP request to execute system commands (CVE-2018-1469)

Tuesday, April 3, 2018

IBM Security Bulletin: API Connect is affected by a vulnerability that could allow a specially crafted HTTP request to execute system commands (CVE-2018-1469)

Apr 3, 2018 9:01 am EDT

Share this post:

API Connect has addressed the following vulnerability. IBM API Connect Developer Portal could allow an unathenticated attacker to execute system commands using specially crafted HTTP requests.

CVE(s): CVE-2018-1469

Affected product(s) and affected version(s):

Affected API Connect	Affected Versions
IBM API Connect	5.0.0.0-5.0.6.6
IBM API Connect	5.0.7.0-5.0.7.2
IBM API Connect	5.0.8.0-5.0.8.2

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22014940
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/140605

from IBM Product Security Incident Response Team https://ift.tt/2GunGun

SymmetricalDataSecurity

Tuesday, April 3, 2018

IBM Security Bulletin: API Connect is affected by a vulnerability that could allow a specially crafted HTTP request to execute system commands (CVE-2018-1469)

No comments:

Post a Comment

Blog Archive

Search This Blog

Total Pageviews