Vulnerabilities > IBM > API Connect > 2018.4.1.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-29 | CVE-2018-2007 | Inadequate Encryption Strength vulnerability in IBM API Connect IBM API Connect 2018.1 and 2018.4.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2019-04-08 | CVE-2019-4155 | Unspecified vulnerability in IBM API Connect IBM API Connect's Developer Portal 2018.1 and 2018.4.1.3 is impacted by a privilege escalation vulnerability when integrated with an OpenID Connect (OIDC) user registry. | 9.8 |
| 2019-04-08 | CVE-2019-4051 | Information Exposure vulnerability in IBM API Connect Some URIs in IBM API Connect 2018.1 and 2018.4.1.3 disclose system specification information like the machine id, system uuid, filesystem paths, network interface names along with their mac addresses. | 5.3 |
| 2019-03-22 | CVE-2019-4052 | Unspecified vulnerability in IBM API Connect IBM API Connect 2018.1 and 2018.4.1.2 apis can be leveraged by unauthenticated users to discover login ids of registered users. | 7.5 |
| 2019-02-07 | CVE-2019-4008 | Information Exposure Through Log Files vulnerability in IBM API Connect API Connect V2018.1 through 2018.4.1.1 is impacted by access token leak. | 9.8 |