CVE-2020-4638

Summary

IBM API Connect's API Manager 2018.4.1.0 through 2018.4.1.12 is vulnerable to privilege escalation. An invitee to an API Provider organization can escalate privileges by manipulating the invitation link. IBM X-Force ID: 185508.

Affected Software

VendorProductVersion RangeStatus
IBMAPI Connect2018.4.1.0affected
IBMAPI Connect2018.4.12affected

Weaknesses

  • Gain Privileges

ADP Enrichment

CVE Program Container

Additional References

References