CVE-2018-1774

Summary

IBM API Connect 5.0.0.0, 5.0.8.4, 2018.1 and 2018.3.6 is vulnerable to CSV injection via the developer portal and analytics that could contain malicious commands that would be executed once opened by an administrator. IBM X-Force ID: 148692.

Affected Software

VendorProductVersion RangeStatus
IBMAPI Connect5.0.0.0affected
IBMAPI Connect2018.1affected
IBMAPI Connect5.0.8.4affected
IBMAPI Connect2018.3.6affected

Weaknesses

  • Gain Access

ADP Enrichment

CVE Program Container

Additional References

References