Information Disclosure in IBM API Management Product
CVE-2014-6133

Currently unrated

Key Information:

Vendor: IBM
Status: Api Management
Vendor: CVE Published:; 26 October 2014

Summary

IBM API Management prior to version 3.0.1.0 is susceptible to a local information disclosure vulnerability. This flaw allows local users to access sensitive ciphertext information through unspecified vectors, potentially leading to unauthorized revelations of confidential data. Organizations using affected versions are advised to upgrade to the specified version to mitigate the risk.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21686801

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg1LI78229

vendor-advisoryx_refsource_AIXAPAR

https://exchange.xforce.ibmcloud.com/vulnerabilities/96813

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Oct 26, 2014
Vulnerability Reserved
Sep 2, 2014