- Description
- Unspecified vulnerability in IBM API Management 3.0.0.0, when basic authentication is used for APIs, allows remote attackers to bypass intended restrictions on topology access, and obtain sensitive information, via unknown vectors.
- Source
- psirt@us.ibm.com
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:N/A:N
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:api_management:3.0.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FDCDCF24-B490-4FF1-BFA2-9922EFF9F0C2"
}
],
"operator": "OR"
}
]
}
]