CVE-2018-1638

Summary

IBM API Connect 5.0.0.0-5.0.8.3 Developer Portal does not enforce Two Factor Authentication (TFA) while resetting a user password but enforces it for all other login scenarios. IBM X-Force ID: 144483.

Affected Software

VendorProductVersion RangeStatus
IBMAPI Connect5.0.0.0-5.0.8.3affected

Weaknesses

  • Bypass Security

ADP Enrichment

CVE Program Container

Additional References

References