CVE-2014-3036

Sažetak

Unspecified vulnerability in IBM API Management 3.0.0.0, when basic authentication is used for APIs, allows remote attackers to bypass intended restrictions on topology access, and obtain sensitive information, via unknown vectors.

Reference

http://secunia.com/advisories/59044
http://www.securityfocus.com/bid/67941
http://www-01.ibm.com/support/docview.wss?uid=swg1LI78000
http://www-01.ibm.com/support/docview.wss?uid=swg21674232
https://exchange.xforce.ibmcloud.com/vulnerabilities/93302

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

29-08-2017 - 01:34

Objavljeno

08-06-2014 - 23:55