CVE-2015-0149

Currently unrated

Key Information:

Vendor: IBM
Status: Api Management
Vendor: CVE Published:; 18 March 2015

Summary

The developer portal in IBM API Management 3.0 before 3.0.4.1 does not properly restrict access to the public and private APIs, which allows remote authenticated users to obtain sensitive information or modify data via unspecified API calls.

References

http://www-01.ibm.com/support/docview.wss?uid=swg1LI78430

vendor-advisoryx_refsource_AIXAPAR

http://www-01.ibm.com/support/docview.wss?uid=swg21696693

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 18, 2015
Vulnerability Reserved
Nov 18, 2014