Vulnerabilities > IBM > API Connect > 5.0.6.4

DATE CVE VULNERABILITY TITLE RISK
2018-04-04 CVE-2018-1469 Unspecified vulnerability in IBM API Connect
IBM API Connect Developer Portal 5.0.0.0 through 5.0.8.2 could allow an unauthenticated attacker to execute system commands using specially crafted HTTP requests.
network
low complexity
ibm
critical
 9.8
9.8
2018-02-07 CVE-2018-1382 Cross-site Scripting vulnerability in IBM API Connect
IBM API Connect 5.0.0.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-09-25 CVE-2017-1555 Improper Input Validation vulnerability in IBM API Connect
IBM API Connect 5.0.0.0 through 5.0.7.2 could allow an authenticated user to generate an API token when not subscribed to the application plan.
network
low complexity
ibm CWE-20
4.3
4.3
2017-09-25 CVE-2017-1551 Improper Input Validation vulnerability in IBM API Connect
IBM API Connect 5.0.0.0 through 5.0.7.2 could allow a remote attacker to hijack the clicking action of the victim.
network
low complexity
ibm CWE-20
6.1
6.1