Vulnerabilities > IBM > API Connect > 5.0.3.0

DATE CVE VULNERABILITY TITLE RISK
2021-08-26 CVE-2021-29715 Unspecified vulnerability in IBM API Connect
IBM API Connect 5.0.0.0 through 5.0.8.11 could alllow a remote user to obtain sensitive information or conduct denial of serivce attacks due to open ports.
network
low complexity
ibm
critical
 9.1
9.1
2021-08-26 CVE-2021-29772 Code Injection vulnerability in IBM API Connect
IBM API Connect 5.0.0.0 through 5.0.8.11 could allow a user to potentially inject code due to unsanitized user input.
network
low complexity
ibm CWE-94
critical
 9.8
9.8
2021-08-17 CVE-2020-4706 Cross-site Scripting vulnerability in IBM API Connect
IBM API Connect 5.0.0.0 through 5.0.8.10 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers.
network
low complexity
ibm CWE-79
5.4
5.4
2021-08-04 CVE-2020-4707 Cross-site Scripting vulnerability in IBM API Connect
IBM API Connect 5.0.0.0 through 5.0.8.11 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2021-01-12 CVE-2020-4838 Cross-site Scripting vulnerability in IBM API Connect
IBM API Connect 5.0.0.0 through 5.0.8.10 is vulnerable to stored cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2021-01-05 CVE-2020-4899 Cleartext Transmission of Sensitive Information vulnerability in IBM API Connect
IBM API Connect 5.0.0.0 through 5.0.8.10 could potentially leak sensitive information or allow for data corruption due to plain text transmission of sensitive information across the network.
network
low complexity
ibm CWE-319
critical
 9.1
9.1
2020-06-12 CVE-2020-4251 Cross-site Scripting vulnerability in IBM API Connect
IBM API Connect 5.0.0.0 through 5.0.8.8 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2020-03-24 CVE-2019-4553 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM API Connect
IBM API Connect V5.0.0.0 through 5.0.8.7iFix3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
7.5
2019-10-29 CVE-2019-4600 Unspecified vulnerability in IBM API Connect
IBM API Connect version V5.0.0.0 through 5.0.8.7 could reveal sensitive information to an attacker using a specially crafted HTTP request.
network
low complexity
ibm
5.3
5.3
2019-08-20 CVE-2019-4460 Path Traversal vulnerability in IBM API Connect
IBM API Connect 5.0.0.0 through 5.0.8.6 developer portal could allow a remote attacker to traverse directories on the system.
network
low complexity
ibm CWE-22
7.5
7.5