CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-3012

IBM API Connect (aka APIConnect) before 5.0.3.0 with NPM before 2.2.8 includes certain internal server credentials in the software package, which might allow remote attackers to bypass intended access restrictions by leveraging knowledge of these credentials.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 40.8%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

http://www-01.ibm.com/support/docview.wss?uid=swg21988212
http://www.securityfocus.com/bid/92417
http://www-01.ibm.com/support/docview.wss?uid=swg21988212
http://www.securityfocus.com/bid/92417

Products affected by CVE-2016-3012

Ibm » Api Connect » Version: 5.0.0.0

cpe:2.3:a:ibm:api_connect:5.0.0.0
Ibm » Api Connect » Version: 5.0.0.1

cpe:2.3:a:ibm:api_connect:5.0.0.1
Ibm » Api Connect » Version: 5.0.1.0

cpe:2.3:a:ibm:api_connect:5.0.1.0
Ibm » Api Connect » Version: 5.0.2.0

cpe:2.3:a:ibm:api_connect:5.0.2.0
Ibm » Network Path Manager » Version: 2.1.1.9

cpe:2.3:a:ibm:network_path_manager:2.1.1.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-3012

Products

Pricing

Contact Us