Vulnerabilities > Linuxfoundation > Zowe API Mediation Layer > 1.17.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-10 | CVE-2024-9798 | Cleartext Storage of Sensitive Information vulnerability in Linuxfoundation Zowe API Mediation Layer The health endpoint is public so everybody can see a list of all services. | 5.3 |
2023-01-18 | CVE-2021-4314 | Improper Authentication vulnerability in Linuxfoundation Zowe API Mediation Layer It is possible to manipulate the JWT token without the knowledge of the JWT secret and authenticate without valid JWT token as any user. | 5.3 |