IBM API Connect 5.0.0.0 could allow a user to bypass policy restrictions and create non-compliant passwords which could be intercepted and decrypted using man in the middle techniques. IBM X-Force ID: 127160.
2017-07-31T21:29:00.627
2025-04-20T01:37:25.860
Deferred
CVSSv3.0: 5.9 (MEDIUM)
AV:N/AC:M/Au:N/C:P/I:N/A:N
8.6
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | ibm | api_connect | 5.0.0.0 | Yes |
| Application | ibm | api_connect | 5.0.0.1 | Yes |
| Application | ibm | api_connect | 5.0.1.0 | Yes |
| Application | ibm | api_connect | 5.0.2.0 | Yes |
| Application | ibm | api_connect | 5.0.3.0 | Yes |
| Application | ibm | api_connect | 5.0.4.0 | Yes |
| Application | ibm | api_connect | 5.0.5.0 | Yes |
| Application | ibm | api_connect | 5.0.6.0 | Yes |
| Application | ibm | api_connect | 5.0.6.1 | Yes |
| Application | ibm | api_connect | 5.0.6.2 | Yes |
| Application | ibm | api_connect | 5.0.7.0 | Yes |
| Application | ibm | api_management | 4.0.0.0 | Yes |
| Application | ibm | api_management | 4.0.0.1 | Yes |
| Application | ibm | api_management | 4.0.1.0 | Yes |
| Application | ibm | api_management | 4.0.2.0 | Yes |
| Application | ibm | api_management | 4.0.2.1 | Yes |
| Application | ibm | api_management | 4.0.3.0 | Yes |
| Application | ibm | api_management | 4.0.4.0 | Yes |
| Application | ibm | api_management | 4.0.4.1 | Yes |
| Application | ibm | api_management | 4.0.4.2 | Yes |
| Application | ibm | api_management | 4.0.4.3 | Yes |
| Application | ibm | api_management | 4.0.4.4 | Yes |
| Application | ibm | api_management | 4.0.4.5 | Yes |