CVE-2018-1789

Summary

IBM API Connect v2018.1.0 through v2018.3.4 could allow an attacker to send a specially crafted request to conduct a server side request forgery attack. IBM X-Force ID: 148939.

Affected Software

VendorProductVersion RangeStatus
IBMAPI Connect2018.2.1affected
IBMAPI Connect2018.2.2affected
IBMAPI Connect2018.2.3affected
IBMAPI Connect2018.2.4affected
IBMAPI Connect2018.1.0affected
IBMAPI Connect2018.2.5affected
IBMAPI Connect2018.2.6affected
IBMAPI Connect2018.2.7affected
IBMAPI Connect2018.2.8affected
IBMAPI Connect2018.2.9affected
IBMAPI Connect2018.2.10affected
IBMAPI Connect2018.2.11affected
IBMAPI Connect2018.3.1affected
IBMAPI Connect2018.3.2affected
IBMAPI Connect2018.3.3affected
IBMAPI Connect2018.3.4affected

Weaknesses

  • Gain Access

ADP Enrichment

CVE Program Container

Additional References

References