IBM Security Bulletin: IBM API Connect is vulnerable to CSV Injection (CVE-2018-1774)

Nov 6, 2018 8:01 am EST

Categorized: High Severity


IBM API Connect has addressed the following vulnerability. IBM API Connect is vulnerable to CSV injection via the Developer Portal and analytics: CSV content could contain malicious commands that would be executed once opened by an administrator.
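One way to neutralize formula-leading values when exporting user-supplied data to CSV, shown as an added example that is not IBM's fix and not code from the bulletin. The function names and sample rows are constructed; the trigger-character list and the single-quote prefix follow OWASP's CSV injection guidance.

```python
import csv
import io

# Leading characters that spreadsheet applications treat as the start of a
# formula (list taken from OWASP's CSV injection guidance).
FORMULA_CHARS = ("=", "+", "-", "@")
CONTROL_CHARS = ("\t", "\r")


def neutralize_cell(value):
    """Return a cell that a spreadsheet displays as text instead of evaluating."""
    if value is None:
        return ""
    # Real numbers are emitted as-is; only string input is attacker-shaped.
    if isinstance(value, (int, float)):
        return str(value)
    text = str(value)
    # Leading whitespace is ignored by some applications before they decide
    # whether a cell is a formula, so check the stripped form as well.
    if text.startswith(CONTROL_CHARS) or text.lstrip().startswith(FORMULA_CHARS):
        return "'" + text
    return text


def export_csv(rows):
    """Serialize rows to CSV with every field neutralized and quoted."""
    buf = io.StringIO()
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\r\n")
    for row in rows:
        writer.writerow([neutralize_cell(cell) for cell in row])
    return buf.getvalue()


# Constructed sample: values a portal user could submit that later end up
# in an export opened by an administrator.
SAMPLE_ROWS = [
    ["app_name", "owner", "calls"],
    ["Billing API client", "alice@example.com", 1204],
    ["=1+1", "@handle", -5],
    ["  +plan", "bob@example.com", 17],
]

if __name__ == "__main__":
    print(export_csv(SAMPLE_ROWS), end="")
```

The prefix changes the stored text, so consumers that parse the export programmatically need to strip the leading quote or read from the original data source.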

CVE(s): CVE-2018-1774

Affected product(s) and affected version(s):

Affected API Connect    Affected Versions
IBM API Connect         5.0.0.0-5.0.8.4
IBM API Connect         2018.1-2018.3.6

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10737867
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148692



from IBM Product Security Incident Response Team https://ift.tt/2qu8i6W