Vulnerability Description
IBM API Management 3.0 before 3.0.4.0 IF1 allows remote attackers to obtain sensitive analytics information in an encrypted form via unspecified vectors.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Api Management | 3.0.0.0 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1LI78291
- http://www-01.ibm.com/support/docview.wss?uid=swg21694460PatchVendor Advisory
- http://www.securitytracker.com/id/1031613
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98417
- http://www-01.ibm.com/support/docview.wss?uid=swg1LI78291
- http://www-01.ibm.com/support/docview.wss?uid=swg21694460PatchVendor Advisory
- http://www.securitytracker.com/id/1031613
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98417
FAQ
What is CVE-2014-6172?
CVE-2014-6172 is a vulnerability with a CVSS score of 5.0 (MEDIUM). IBM API Management 3.0 before 3.0.4.0 IF1 allows remote attackers to obtain sensitive analytics information in an encrypted form via unspecified vectors.
How severe is CVE-2014-6172?
CVE-2014-6172 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-6172?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Api Management.