CVE-2018-2009

Summary

IBM API Connect v2018.1 and 2018.4.1 is affected by an information disclosure vulnerability in the consumer API. Any registered user can obtain a list of all other users in all other orgs, including email id/names, etc. IBM X-Force ID: 155148.

Affected Software

VendorProductVersion RangeStatus
IBMAPI Connect2018.1affected
IBMAPI Connect2018.4.1affected

Weaknesses

  • Obtain Information

ADP Enrichment

CVE Program Container

Additional References

References