Unauthorized Modification of Information in IBM API Connect 5.0.0.0 through 5.0.8.2 via Generated LoopBack APIs

Unauthorized Modification of Information in IBM API Connect 5.0.0.0 through 5.0.8.2 via Generated LoopBack APIs

CVE-2018-1389 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:N

IBM API Connect 5.0.0.0 through 5.0.8.2 is impacted by generated LoopBack APIs for a Model using the BelongsTo/HasMany relationship allowing unauthorized modification of information. IBM X-Force ID: 138213.

Learn more about our Api Penetration Testing.