Multiple vulnerabilities in IBM API Connect
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 65 |
| CVE-ID | CVE-2025-25724 CVE-2025-4517 CVE-2025-4435 CVE-2025-4330 CVE-2025-4138 CVE-2025-3576 CVE-2025-32414 CVE-2017-9047 CVE-2025-4565 CVE-2025-24928 CVE-2025-24528 CVE-2025-22874 CVE-2025-0938 CVE-2024-8176 CVE-2024-7143 CVE-2025-4563 CVE-2025-47273 CVE-2024-55549 CVE-2025-7338 CVE-2025-8941 CVE-2025-7969 CVE-2025-7783 CVE-2025-7425 CVE-2025-7339 CVE-2025-6493 CVE-2025-5222 CVE-2025-6020 CVE-2025-59343 CVE-2025-5914 CVE-2025-58754 CVE-2025-57810 CVE-2025-54798 CVE-2025-54370 CVE-2024-56171 CVE-2024-52533 CVE-2023-40403 CVE-2024-12718 CVE-2024-12243 CVE-2024-12133 CVE-2024-10963 CVE-2023-43804 CVE-2023-2728 CVE-2024-28849 CVE-2023-2727 CVE-2023-26159 CVE-2022-49043 CVE-2022-48646 CVE-2022-28948 CVE-2020-36732 CVE-2024-26726 CVE-2024-28863 CVE-2024-50345 CVE-2024-38540 CVE-2024-46857 CVE-2024-46820 CVE-2024-45338 CVE-2024-41082 CVE-2024-40918 CVE-2024-38608 CVE-2024-37891 CVE-2024-36945 CVE-2024-35939 CVE-2024-35839 CVE-2024-35826 CVE-2022-30635 |
| CWE-ID | CWE-119 CWE-22 CWE-440 CWE-59 CWE-327 CWE-125 CWE-674 CWE-121 CWE-787 CWE-693 CWE-20 CWE-277 CWE-285 CWE-416 CWE-248 CWE-79 CWE-330 CWE-241 CWE-400 CWE-284 CWE-415 CWE-770 CWE-835 CWE-918 CWE-193 CWE-287 CWE-200 CWE-264 CWE-601 CWE-476 CWE-502 CWE-667 CWE-399 CWE-682 |
| Exploitation vector | Network |
| Public exploit |
Public exploit code for vulnerability #8 is available. Public exploit code for vulnerability #22 is available. Public exploit code for vulnerability #30 is available. Public exploit code for vulnerability #41 is available. Public exploit code for vulnerability #42 is available. Public exploit code for vulnerability #51 is available. |
| Vulnerable software |
IBM API Connect Client/Desktop applications / Office applications |
| Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 65 vulnerabilities.
1) Buffer overflow
EUVDB-ID: #VU105900
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-25724
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing .tar files within the list_item_verbose() function in tar/util.c. A remote attacker can create a specially crafted archive, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Path traversal
EUVDB-ID: #VU111966
Risk: High
CVSSv4.0: 8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-4517
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to input validation error in the tarfile module when extracting files from an archive with filter="data". A remote attacker can pass specially crafted archive to the application and write files to arbitrary locations on the system outside the extraction directory.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Expected behavior violation
EUVDB-ID: #VU111970
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-4435
CWE-ID:
CWE-440 - Expected Behavior Violation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to change expected behavior.
The vulnerability exists due to an error when using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior. A remote attacker can force the application to extract files that were meant to be skipped.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Link following
EUVDB-ID: #VU111967
Risk: High
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-4330
CWE-ID:
CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to an insecure link following issue when extracting data from an archive in the tarfile module. A remote attacker can pass a specially crafted archive to the application and overwrite arbitrary files outside the destination directory.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Link following
EUVDB-ID: #VU111968
Risk: High
CVSSv4.0: 4.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-4138
CWE-ID:
CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to an insecure link following issue when extracting data from an archive in the tarfile module. A remote attacker can pass a specially crafted archive to the application and overwrite arbitrary files outside the destination directory during extraction with filter="data"..
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Use of a broken or risky cryptographic algorithm
EUVDB-ID: #VU112440
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-3576
CWE-ID:
CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform MitM attack.
The vulnerability exists due to usage of RC4-HMAC-MD algorithm for GSSAPI-protected messages. A remote attacker can perform MitM attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Out-of-bounds read
EUVDB-ID: #VU107595
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-32414
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service attack.
The vulnerability exists due to an out-of-bounds read that occurs in the Python API (Python bindings) because of an incorrect return value. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Memory corruption
EUVDB-ID: #VU9687
Risk: Low
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2017-9047
CWE-ID:
CWE-119 - Memory corruption
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to cause DoS condition on the target system.
The weakness exists in the xmlSnprintfElementContent function of XMLSoft libxml2 due to improper memory handling by the valid.c source code. A remote attacker can send a specially crafted XML file, trigger memory corruption and cause the service to crash.
Successful exploitation of the vulnerability results in denial of service.
Install update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
9) Uncontrolled Recursion
EUVDB-ID: #VU112882
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-4565
CWE-ID:
CWE-674 - Uncontrolled Recursion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
the vulnerability exists due to uncontrolled recursion when parsing untrusted data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags. A remote attacker send specially crafted input to the application and can perform a denial of service attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Stack-based buffer overflow
EUVDB-ID: #VU104098
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-24928
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the xmlSnprintfElements() function in valid.c. A remote attacker can pass specially crafted XML data to the application, trigger a stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Out-of-bounds write
EUVDB-ID: #VU103504
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-24528
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
Description The vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error when calculating ulog block size in kadmind. A remote user can trigger an out-of-bounds write and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Protection Mechanism Failure
EUVDB-ID: #VU110253
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-22874
CWE-ID:
CWE-693 - Protection Mechanism Failure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to an error in crypto/x509 when using ExtKeyUsageAny. When calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny it disables policy validation.
This only affected certificate chains which contain policy graphs, which are rather uncommon.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Input validation error
EUVDB-ID: #VU103812
Risk: Low
CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-0938
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to urllib.parse.urlsplit and urlparse accept domain names with square brackets. A remote attacker can pass specially crafted input to the application and bypass implemented security restrictions.
Install update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Stack-based buffer overflow
EUVDB-ID: #VU105723
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-8176
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when handling XML content. A remote attacker can pass specially crafted XML content to the application, trigger a stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Insecure inherited permissions
EUVDB-ID: #VU97631
Risk: Medium
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-7143
CWE-ID:
CWE-277 - Insecure inherited permissions
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges within the application.
The vulnerability exists due to the way permissions are assigned on new tasks with RBAC enabled. A remote user can use a specially crafted task that creates new objects. Such objects will be owned by the oldest user with model/domain-level task permissions within the application and executed with privileges of such a user.
Install update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Improper Authorization
EUVDB-ID: #VU111971
Risk: Low
CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:L/SI:L/SA:L/E:U/U:Clear]
CVE-ID: CVE-2025-4563
CWE-ID:
CWE-285 - Improper Authorization
Exploit availability: No
DescriptionThe vulnerability allows a malicious node to bypass dynamic resource allocation authorization checks.
The vulnerability exists due to missing authorization checks in DynamicResourceAllocation feature gate within the NodeRestriction admission controller. A malicious node can create mirror pods that access unauthorized dynamic resources, leading to denial of service or potential privilege escalation.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Path traversal
EUVDB-ID: #VU109840
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-47273
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to input validation error when processing directory traversal sequences in package_index.py. A remote attacker can trick the victim into installing a specially crafted script and overwrite arbitrary files on the system, leading to code execution.
Install update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Use-after-free
EUVDB-ID: #VU105879
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-55549
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error in xsltGetInheritedNsList. A remote attacker can pass specially crafted input to the application, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Uncaught Exception
EUVDB-ID: #VU113032
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-7338
CWE-ID:
CWE-248 - Uncaught Exception
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to uncaught exception. A remote user can send a specially crafted multi-part upload request and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Link following
EUVDB-ID: #VU114769
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-8941
CWE-ID:
CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to an insecure link following issue in the pam_namespace module. A local user can create a specially crafted symbolic link to a critical file on the system and overwrite it with privileges of the application.
The vulnerability exists due to incomplete fix for #VU111389 (CVE-2025-6020).
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Cross-site scripting
EUVDB-ID: #VU118195
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-7969
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. The vulnerability allows Cross-Site Scripting (XSS).
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Use of insufficiently random values
EUVDB-ID: #VU113173
Risk: Medium
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2025-7783
CWE-ID:
CWE-330 - Use of Insufficiently Random Values
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform parameter injection attacks.
The vulnerability exists due to software uses a weak Math.random() method to generated random values for multipart form-encoded data. A remote attacker can observe values produced by Math.random in the target application and predict the random number used to generate form-data's boundary value and inject arbitrary parameters into requests.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
23) Use-after-free
EUVDB-ID: #VU113533
Risk: High
CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-7425
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the xsltSetSourceNodeFlags() function. A remote attacker can pass specially crafted XML input to the application, trigger memory corruption and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Improper Handling of Unexpected Data Type
EUVDB-ID: #VU114392
Risk: Low
CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-7339
CWE-ID:
CWE-241 - Improper Handling of Unexpected Data Type
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A remote attacker can inadvertently modify response headers when an array is passed to `response.writeHead()`
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Resource exhaustion
EUVDB-ID: #VU115828
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-6493
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources in the functionality of the file mode/markdown/markdown.js of the component Markdown Mode. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Stack-based buffer overflow
EUVDB-ID: #VU114088
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-5222
CWE-ID:
CWE-121 - Stack-based buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the SRBRoot::addTag() function in genrb binary. A remote unauthenticated attacker can pass a specially crafted input to the application, trigger a stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Improper access control
EUVDB-ID: #VU111389
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-6020
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper access restrictions within the pam_namespace module when handling user-controlled paths. A local user can use specially crafted symlinks and race conditions to execute arbitrary code as root.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Path traversal
EUVDB-ID: #VU117332
Risk: High
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-59343
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to symlink validation bypass if the destination directory is predictable with a specific tarball. A remote attacker can send a specially crafted HTTP request and read arbitrary files on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Double free
EUVDB-ID: #VU111143
Risk: High
CVSSv4.0: 5.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-5914
CWE-ID:
CWE-415 - Double Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the archive_read_format_rar_seek_data() function. A remote attacker can pass specially crafted data to the application, trigger a double free error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Allocation of Resources Without Limits or Throttling
EUVDB-ID: #VU115167
Risk: Medium
CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2025-58754
CWE-ID:
CWE-770 - Allocation of Resources Without Limits or Throttling
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to allocation of resources without limits within data: URL decode. A remote attacker can cause a denial of service condition on the target system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
31) Infinite loop
EUVDB-ID: #VU114450
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-57810
CWE-ID:
CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the addImage method. A remote attacker can consume all available system resources and cause denial of service conditions.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) Link following
EUVDB-ID: #VU118198
Risk: Low
CVSSv4.0: 0.4 [CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-54798
CWE-ID:
CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Exploit availability: No
DescriptionThe vulnerability allows a local user to modify data on the system.
The vulnerability exists due to an insecure link following issue. A local user can create a specially crafted symbolic link to a critical file on the system and overwrite it with privileges of the application.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) Server-Side Request Forgery (SSRF)
EUVDB-ID: #VU115228
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2025-54370
CWE-ID:
CWE-918 - Server-Side Request Forgery (SSRF)
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform SSRF attacks.
The vulnerability exists due to the affected extension bundles a vulnerable version of "phpoffice/phpspreadsheet". A remote attacker can send a specially crafted HTTP request and trick the application to initiate requests to arbitrary systems.
Successful exploitation of this vulnerability may allow a remote attacker gain access to sensitive data, located in the local network or send malicious requests to other servers from the vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
34) Use-after-free
EUVDB-ID: #VU104099
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-56171
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the xmlSchemaIDCFillNodeTables() and xmlSchemaBubbleIDCNodeTables() functions in xmlschemas.c. A remote attacker can pass specially crafted XML document to the application, trigger a use-after-free error and execute arbitrary code on the system.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
35) Off-by-one
EUVDB-ID: #VU100566
Risk: High
CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2024-52533
CWE-ID:
CWE-193 - Off-by-one Error
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to an off-by-one error in gio/gsocks4aproxy.c when handling responses from SOCKS4 proxy. A remote attacker can trick the victim into connecting to a malicious SOCKS4 proxy server, trigger an off-by-one error and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
36) Out-of-bounds read
EUVDB-ID: #VU81168
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-40403
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in libxslt. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger an out-of-bounds read error and read contents of memory on the system.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
37) Path traversal
EUVDB-ID: #VU111969
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-12718
CWE-ID:
CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to modify arbitrary files on the system.
The vulnerability exists due to input validation error in the tarfile module. A remote attacker can pass a specially crafted archive to the application and modify some file metadata (e.g. last modified) with filter="data" or file permissions (chmod) with filter="tar" of files outside the extraction directory.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
38) Resource exhaustion
EUVDB-ID: #VU104044
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-12243
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to libtasn1 does not properly control consumption of internal resources when decoding certain DER-encoded certificate data. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
39) Resource exhaustion
EUVDB-ID: #VU103980
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-12133
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources processing a large number of SEQUENCE OF or SET OF elements in a certificate. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
40) Improper authentication
EUVDB-ID: #VU100912
Risk: Medium
CVSSv4.0: 6.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-10963
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in pam_access module where certain rules in its configuration file are mistakenly treated as hostnames. A remote attacker can bypass authentication process and gain unauthorized access to the system.
Install update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
41) Information disclosure
EUVDB-ID: #VU81322
Risk: Low
CVSSv4.0: 2.9 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2023-43804
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to urllib does not strip the "Cookie" HTTP header during cross-origin HTTP redirects. A remote attacker can gain unauthorized access to sensitive information.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
42) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU77526
Risk: Medium
CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2023-2728
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: Yes
DescriptionThe vulnerability allows a remote user to bypass implemented security restrictions.
The vulnerability exists due to improperly imposed security restrictions. A remote user can launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers.Kubernetes clusters are only affected if the ServiceAccount admission plugin and the kubernetes.io/enforce-mountable-secrets annotation are used together with ephemeral containers.
Install update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
43) Information disclosure
EUVDB-ID: #VU87551
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-28849
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to credentials are shared via headers when following cross-domain redirects. A remote attacker can gain access to sensitive information.
Install update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
44) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU77525
Risk: Medium
CVSSv4.0: 6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-2727
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote user to bypass implemented security restrictions.
The vulnerability exists due to improperly imposed security restrictions. A remote user can launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers.
Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers.
Install update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
45) Open redirect
EUVDB-ID: #VU85369
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-26159
CWE-ID:
CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to redirect victims to arbitrary URL.
The vulnerability exists due to improper sanitization of user-supplied data within the url.parse() function. A remote attacker can create a link that leads to a trusted website, however, when clicked, redirects the victim to arbitrary domain.
Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
46) Use-after-free
EUVDB-ID: #VU103502
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-49043
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a use-after-free error within the xmlXIncludeAddNode() function in xinclude.c. A remote attacker can pass specially crafted XML input to the application, trigger a use-after-free error and crash the application or potentially execute arbitrary code.
Install update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
47) NULL pointer dereference
EUVDB-ID: #VU90565
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-48646
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the efx_siena_hard_start_xmit() function in drivers/net/ethernet/sfc/siena/tx.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
48) Deserialization of Untrusted Data
EUVDB-ID: #VU64275
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-28948
CWE-ID:
CWE-502 - Deserialization of Untrusted Data
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service attack.
The vulnerability exists due to insecure input validation when processing serialized data in the Unmarshal function. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
Install update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
49) Use of insufficiently random values
EUVDB-ID: #VU83992
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2020-36732
CWE-ID:
CWE-330 - Use of Insufficiently Random Values
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to the application generates random numbers by concatenating the string "0." with an
integer, which makes the output more predictable than necessary. A remote attacker can gain access to sensitive information.
Install update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
50) Improper locking
EUVDB-ID: #VU90791
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-26726
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the clear_extent_uptodate() function in fs/btrfs/inode.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
51) Resource exhaustion
EUVDB-ID: #VU87734
Risk: Medium
CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]
CVE-ID: CVE-2024-28863
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources while parsing a tar file. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
52) Open redirect
EUVDB-ID: #VU99965
Risk: Low
CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-50345
CWE-ID:
CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to redirect victims to arbitrary URL.
The vulnerability exists due to improper sanitization of user-supplied data within the Request class. A remote attacker can create a link that leads to a trusted website, however, when clicked, redirects the victim to arbitrary domain.
Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
53) Out-of-bounds read
EUVDB-ID: #VU92331
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38540
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the bnxt_qplib_create_qp() function in drivers/infiniband/hw/bnxt_re/qplib_fp.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
54) NULL pointer dereference
EUVDB-ID: #VU97801
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46857
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5_eswitch_set_vepa() and mlx5_eswitch_get_vepa() functions in drivers/net/ethernet/mellanox/mlx5/core/esw/legacy.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
55) Resource management error
EUVDB-ID: #VU97826
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-46820
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the vcn_v5_0_0_hw_fini(), vcn_v5_0_0_set_powergating_state() and vcn_v5_0_0_process_interrupt() functions in drivers/gpu/drm/amd/amdgpu/vcn_v5_0_0.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
56) Resource exhaustion
EUVDB-ID: #VU101868
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-45338
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources in several Parse functions. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
57) Resource management error
EUVDB-ID: #VU95073
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-41082
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the nvmf_reg_read32(), nvmf_reg_read64() and nvmf_reg_write32() functions in drivers/nvme/host/fabrics.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
58) Improper locking
EUVDB-ID: #VU94280
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-40918
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the PTR_PAGE_ALIGN_DOWN(), __flush_cache_page(), flush_icache_pages(), pte_needs_flush(), flush_dcache_folio(), purge_kernel_dcache_page_asm(), copy_user_highpage(), __flush_tlb_range(), flush_cache_range(), flush_anon_page() and invalidate_kernel_vmap_range() functions in arch/parisc/kernel/cache.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
59) NULL pointer dereference
EUVDB-ID: #VU92341
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-38608
CWE-ID:
CWE-476 - NULL Pointer Dereference
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5e_resume(), _mlx5e_suspend(), mlx5e_suspend(), _mlx5e_probe() and _mlx5e_remove() functions in drivers/net/ethernet/mellanox/mlx5/core/en_main.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
60) Information disclosure
EUVDB-ID: #VU92262
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-37891
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to Prox-Authorization header is not stripped during cross-origin redirects when using urllib3's proxy support with ProxyManager. A remote attacker can gain obtain proxy credentials used by the library.
Install update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
61) Information disclosure
EUVDB-ID: #VU91322
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-36945
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the smc_ib_find_route() function in net/smc/smc_ib.c. A local user can gain access to sensitive information.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
62) Information disclosure
EUVDB-ID: #VU91344
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35939
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the dma_direct_alloc(), __dma_direct_free_pages() and dma_direct_alloc_pages() functions in kernel/dma/direct.c. A local user can gain access to sensitive information.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
63) Improper locking
EUVDB-ID: #VU93386
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35839
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nf_reject6_fill_skb_dst() and nf_send_reset6() functions in net/ipv6/netfilter/nf_reject_ipv6.c, within the nf_reject_fill_skb_dst() and nf_send_reset() functions in net/ipv4/netfilter/nf_reject_ipv4.c, within the br_nf_pre_routing_finish_ipv6() function in net/bridge/br_netfilter_ipv6.c, within the br_nf_pre_routing_finish_bridge(), br_nf_ipv4_daddr_was_changed(), bridge_parent_rtable(), skb_dst_set_noref(), setup_pre_routing(), br_nf_forward_finish(), ip_sabotage_in() and br_nf_pre_routing_finish_bridge_slow() functions in net/bridge/br_netfilter_hooks.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
64) Incorrect calculation
EUVDB-ID: #VU93757
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-35826
CWE-ID:
CWE-682 - Incorrect Calculation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the __bio_release_pages() function in block/bio.c. A local user can perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
The attacker would have to login to the system and perform certain actions in order to exploit this vulnerability.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
65) Resource exhaustion
EUVDB-ID: #VU66068
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-30635
CWE-ID:
CWE-400 - Resource exhaustion
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources when calling Decoder.Decode on a message which contains deeply nested structures. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsIBM API Connect: 10.0.8.0 - 10.0.8.4
CPE2.3- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm_corporation:ibm_api_connect:10.0.8.2:*:*:*:*:*:*:*
https://www.ibm.com/support/pages/node/7250974
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
How the attacker can exploit this vulnerability?
The attacker would have to trick the victim to visit a specially crafted website or open a file.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
