Vulnerabilities > CVE-2018-1789 - Server-Side Request Forgery (SSRF) vulnerability in IBM API Connect

047910
CVSS 9.9 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
LOW
network
low complexity
ibm
CWE-918
critical

Summary

IBM API Connect v2018.1.0 through v2018.3.4 could allow an attacker to send a specially crafted request to conduct a server side request forgery attack. IBM X-Force ID: 148939.

Common Weakness Enumeration (CWE)