PT-2019-9943 · Ibm · Ibm Api Connect

Published

2019-05-22

Updated

2019-10-09

CVE-2018-1991

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM API Connect versions 5.0.0.0 through 5.0.8.6

Description The issue allows sensitive information to be returned, potentially revealing critical details about the underlying software stack through CMC UI headers.

Recommendations For versions 5.0.0.0 through 5.0.8.6, consider restricting access to the CMC UI headers to minimize the risk of exploitation.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2018-1991

Affected Products

Ibm Api Connect

PT-2019-9943 · Ibm · Ibm Api Connect

CVE-2018-1991

Weakness Enumeration

Related Identifiers

Affected Products

References · 4