Vulnerability Details CVE-2017-1556
IBM API Connect 5.0.7.0 through 5.0.7.2 is vulnerable to a regular expression attack that could allow an authenticated attacker to use a regex and cause the system to slow or hang. IBM X-Force ID: 131546.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.4%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
- http://www.ibm.com/support/docview.wss?uid=swg22008315
- http://www.securityfocus.com/bid/100831
- https://exchange.xforce.ibmcloud.com/vulnerabilities/131546
- http://www.ibm.com/support/docview.wss?uid=swg22008315
- http://www.securityfocus.com/bid/100831
- https://exchange.xforce.ibmcloud.com/vulnerabilities/131546
Products affected by CVE-2017-1556
-
cpe:2.3:a:ibm:api_connect:5.0.7.0
-
cpe:2.3:a:ibm:api_connect:5.0.7.1
-
cpe:2.3:a:ibm:api_connect:5.0.7.2