IBM API Connect 5.0.0.0 and 5.0.8.6 Developer Portal is vulnerable to command injection. An attacker with a specially crafted request can run arbitrary code on the server and gain complete access to the system. IBM X-Force ID: 159123.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HIBM Api Connect
APPIbm5.0.0.0 – 5.0.8.6
Powiązane podatności
IBM API Connect — obejście mechanizmów uwierzytelniania (Auth Bypass)
IBM API Connect 5.0.0.0 through 5.0.8.11 could allow a user to potentially inject code due to unsanitized user...
IBM API Connect 5.0.0.0 through 5.0.8.11 could alllow a remote user to obtain sensitive information or conduct...
IBM API Connect 5.0.0.0 through 5.0.8.10 could potentially leak sensitive information or allow for data corrup...
IBM API Connect 5.0.0.0 and 5.0.8.6 Developer Portal can be exploited by app developers to download arbitrary ...