Vulnerabilities > CVE-2014-3036 - Unauthorized Access vulnerability in IBM API Management 3.0.0.0

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

ibm

NVD

Published: 2014-06-08

Updated: 2017-08-29

Summary

Unspecified vulnerability in IBM API Management 3.0.0.0, when basic authentication is used for APIs, allows remote attackers to bypass intended restrictions on topology access, and obtain sensitive information, via unknown vectors.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM API Management 3.0.0.0	1

References

http://secunia.com/advisories/59044
http://www.securityfocus.com/bid/67941
http://www-01.ibm.com/support/docview.wss?uid=swg1LI78000
http://www-01.ibm.com/support/docview.wss?uid=swg21674232
https://exchange.xforce.ibmcloud.com/vulnerabilities/93302