IBM API Connect CVE-2018-1778 Authentication Bypass Vulnerability
BID:106313
CVE-2018-1778 |Info
IBM API Connect CVE-2018-1778 Authentication Bypass Vulnerability
| Bugtraq ID: | 106313 |
| Class: | Access Validation Error |
| CVE: |
CVE-2018-1778 |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 17 2018 12:00AM |
| Updated: | Dec 17 2018 12:00AM |
| Credit: | @zbarbutos via Gitter |
| Vulnerable: |
IBM API Connect 2018.4.1 IBM API Connect 2018.3.7 IBM API Connect 2018.2.5 IBM API Connect 2018.2.3 IBM API Connect 2018.2 IBM API Connect 2018.1 IBM API Connect 5.0.8.4 IBM API Connect 5.0.8.2 IBM API Connect 5.0.8.1 IBM API Connect 5.0.8.0 |
| Not Vulnerable: |
IBM API Connect 5.0.8.5 IBM API Connect 2018.4.1.1 |
Discussion
IBM API Connect CVE-2018-1778 Authentication Bypass Vulnerability
IBM API Connect is prone to an authentication-bypass vulnerability.
An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may lead to further attacks.
IBM API Connect versions 2018.1 through 2018.4.1 and 5.0.8.0 through 5.0.8.4 are vulnerable.
IBM API Connect is prone to an authentication-bypass vulnerability.
An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may lead to further attacks.
IBM API Connect versions 2018.1 through 2018.4.1 and 5.0.8.0 through 5.0.8.4 are vulnerable.
Solution / Fix
IBM API Connect CVE-2018-1778 Authentication Bypass Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.