Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:ibm:api_management:3.0.0.0:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2015-0149 |
The developer portal in IBM API Management 3.0 before 3.0.4.1 does not properly restrict access to the public and private APIs, which allows remote authenticated users to obtain sensitive information or modify data via unspecified API calls. Published: March 18, 2015; 6:59:06 AM -0400 |
V3.x:(not available) V2.0: 5.5 MEDIUM |
CVE-2014-6172 |
IBM API Management 3.0 before 3.0.4.0 IF1 allows remote attackers to obtain sensitive analytics information in an encrypted form via unspecified vectors. Published: January 21, 2015; 10:17:01 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-6133 |
IBM API Management 3.x before 3.0.1.0 allows local users to obtain sensitive ciphertext information via unspecified vectors. Published: October 26, 2014; 2:55:05 PM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2014-3036 |
Unspecified vulnerability in IBM API Management 3.0.0.0, when basic authentication is used for APIs, allows remote attackers to bypass intended restrictions on topology access, and obtain sensitive information, via unknown vectors. Published: June 08, 2014; 7:55:02 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |