CyberSec.Space Logo
Back to CVE Browser

CVE-2018-1469

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1880%
EPSS Percentile44.60th
PublishedApr 4, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

IBM API Connect Developer Portal 5.0.0.0 through 5.0.8.2 could allow an unauthenticated attacker to execute system commands using specially crafted HTTP requests. IBM X-Force ID: 140605.

Affected Platforms (CPE)

πŸ“¦
Ibm

Api Connect

>= 5.0.0.0 and <= 5.0.6.6
πŸ“¦
Ibm

Api Connect

>= 5.0.7.0 and <= 5.0.7.2
πŸ“¦
Ibm

Api Connect

>= 5.0.8.0 and <= 5.0.8.2

References & Advisories

πŸ”— http://www.ibm.com/support/docview.wss?uid=swg22014940
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/140605
πŸ”— http://www.ibm.com/support/docview.wss?uid=swg22014940
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/140605

Related Vulnerabilities

CVE-2019-420210.0

IBM API Connect 5.0.0.0 and 5.0.8.6 Developer Portal is vulnerable to command injection. An attacker with a specially crafted requ...

CVE-2008-206410.0

Multiple unspecified vulnerabilities in PhpGedView before 4.1.5 have unknown impact and attack vectors related to "a fundamental d...

CVE-2017-234310.0

The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to ...

CVE-2018-10002269.8

Cobbler version Verified as present in Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even old...