CVE-2018-1991 LOW

CVE-2018-1991

Vendor Ibm
Product API Connect
Published May 22, 2019
Last update September 16, 2024

CVSS base score

2.7/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.0/A:N/S:U/PR:H/AV:N/C:L/I:N/UI:N/AC:L/RC:C/RL:O/E:U

What the vulnerability does

01Description

IBM API Connect 5.0.0.0, and 5.0.8.6 could could return sensitive information that could provide critical information as to the underlying software stack in CMC UI headers. IBM X-Force ID: 154284.

Key dates

02Disclosure timeline

May 22, 2019 CVE published
September 16, 2024 Record updated