Vulnerability Details CVE-2014-3036
Unspecified vulnerability in IBM API Management 3.0.0.0, when basic authentication is used for APIs, allows remote attackers to bypass intended restrictions on topology access, and obtain sensitive information, via unknown vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.5%
CVSS Severity
CVSS v2 Score 4.3
References
- http://secunia.com/advisories/59044
- http://www-01.ibm.com/support/docview.wss?uid=swg1LI78000
- http://www-01.ibm.com/support/docview.wss?uid=swg21674232
- http://www.securityfocus.com/bid/67941
- https://exchange.xforce.ibmcloud.com/vulnerabilities/93302
- http://secunia.com/advisories/59044
- http://www-01.ibm.com/support/docview.wss?uid=swg1LI78000
- http://www-01.ibm.com/support/docview.wss?uid=swg21674232
- http://www.securityfocus.com/bid/67941
- https://exchange.xforce.ibmcloud.com/vulnerabilities/93302
Products affected by CVE-2014-3036
-
cpe:2.3:a:ibm:api_management:3.0.0.0