Question & Answer
Question
2023年に公開されたAPI Connect に関連する脆弱性情報はありますか?
Answer
12月6日現在、API Connectに関して以下の脆弱性情報が公開されています。
| 公開日 | タイトル |
CVSS
基本値
|
修正が含まれるfixレベル |
|---|---|---|---|
| 2023/12/04 | Security Bulletin: API Connect V10 is vulnerable to credential exposure | 6.2 | IBM recommends upgrading to 10.0.5.4 and 10.0.7.0 |
| 2023/05/30 | Security Bulletin: IBM API Connect is vulnerable to OpenSSL vulnerabilities (CVE-2022-4304, CVE-2023-0215, CVE-2023-0286) | 7.5 - 8.2 |
Addressed in IBM API Connect V10.0.5.3
Addressed in IBM API Connect V10.0.1.12
All components are impacted.
|
| 2023/3/22 | Security Bulletin: IBM API Connect is impacted by an improper access control vulnerability (CVE-2023-28522) | 4.3 |
Addressed in IBM API Connect V10.0.5.2
Addressed in IBM API Connect V10.0.1.11 The management server component is impacted. |
| 2023/2/1 | Security Bulletin: IBM API Connect is impacted by an external service interaction vulnerability (CVE-2022-34350) | 5.3 |
Addressed in IBM API Connect V10.0.5.1
Addressed in IBM API Connect V10.0.1.8
Addressed in IBM API Connect V2018.4.1.24
The portal component is impacted.
|
[{"Type":"MASTER","Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSMNED","label":"IBM API Connect"},"ARM Category":[{"code":"a8m50000000L0rvAAC","label":"API Connect"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
Modified date:
05 December 2023
UID
ibm16928909