IBM Security Bulletin: API security restrictions can be bypassed in IBM API Connect (CVE-2017-1328)

APIs managed by API Connect which are protected by security restrictions could be accessed without providing valid security credentials.

CVE(s): CVE-2017-1328

Affected product(s) and affected version(s):

IBM API Connect V5.0.0.0 – V5.0.6.2

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2s31bFX
X-Force Database: http://ift.tt/2sMWw7X

The post IBM Security Bulletin: API security restrictions can be bypassed in IBM API Connect (CVE-2017-1328) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2s31ccZ