CVE-2018-1991

LOW

IBM API Connect <5.0.8.6 - Info Disclosure

Title source: llm
STIX 2.1

Description

IBM API Connect 5.0.0.0, and 5.0.8.6 could could return sensitive information that could provide critical information as to the underlying software stack in CMC UI headers. IBM X-Force ID: 154284.

References (2)

Core 2
Core References
Vendor Advisory x_refsource_confirm
https://www.ibm.com/support/docview.wss?uid=ibm10871970
VDB Entry, Vendor Advisory vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/154284

Scores

CVSS v3 2.7
EPSS 0.0098
EPSS Percentile 57.7%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-200
Status published
Products (1)
ibm/api_connect 5.0.0.0 - 5.0.8.6
Published May 22, 2019
Tracked Since Feb 18, 2026