SymmetricalDataSecurity: IBM Security Bulletin: API Connect is affected by a generated LoopBack APIs vulnerability (CVE-2018-1389)

Friday, April 27, 2018

IBM Security Bulletin: API Connect is affected by a generated LoopBack APIs vulnerability (CVE-2018-1389)

Apr 27, 2018 12:32 pm EDT

Share this post:

API Connect has addressed the following vulnerability. IBM API Connect is impacted by a generated LoopBack APIs for a Model using the BelongsTo/HasMany relationship allowing unauthorized modification of information.

CVE(s): CVE-2018-1389

Affected product(s) and affected version(s):

Affected IBM API Management	Affected Versions
IBM API Connect	5.0.0.0-5.0.6.5
IBM API Connect	5.0.7.0-5.0.7.2
IBM API Connect	5.0.8.0-5.0.8.2

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=swg22013531
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/138213

from IBM Product Security Incident Response Team https://ift.tt/2HyOSsN

SymmetricalDataSecurity

Friday, April 27, 2018

IBM Security Bulletin: API Connect is affected by a generated LoopBack APIs vulnerability (CVE-2018-1389)

No comments:

Post a Comment

Blog Archive

Search This Blog

Total Pageviews