Vulnerability Description
IBM API Connect 5.0.0.0, and 5.0.8.6 could could return sensitive information that could provide critical information as to the underlying software stack in CMC UI headers. IBM X-Force ID: 154284.
CVSS Score
2.7
LOW
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Api Connect | >= 5.0.0.0, <= 5.0.8.6 |
Related Weaknesses (CWE)
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/154284VDB EntryVendor Advisory
- https://www.ibm.com/support/docview.wss?uid=ibm10871970Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/154284VDB EntryVendor Advisory
- https://www.ibm.com/support/docview.wss?uid=ibm10871970Vendor Advisory
FAQ
What is CVE-2018-1991?
CVE-2018-1991 is a vulnerability with a CVSS score of 2.7 (LOW). IBM API Connect 5.0.0.0, and 5.0.8.6 could could return sensitive information that could provide critical information as to the underlying software stack in CMC UI headers. IBM X-Force ID: 154284.
How severe is CVE-2018-1991?
CVE-2018-1991 has been rated LOW with a CVSS base score of 2.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-1991?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Api Connect.