IBM Security Bulletin: API security restrictions can be bypassed in IBM API Connect (CVE-2017-1328)
APIs managed by API Connect which are protected by security restrictions could be accessed without providing valid security credentials.
CVE(s): CVE-2017-1328
Affected product(s) and affected version(s):
IBM API Connect V5.0.0.0 – V5.0.6.2
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2s31bFX
X-Force Database: http://ift.tt/2sMWw7X
The post IBM Security Bulletin: API security restrictions can be bypassed in IBM API Connect (CVE-2017-1328) appeared first on IBM PSIRT Blog.
from IBM Product Security Incident Response Team http://ift.tt/2s31ccZ