CVE-2014-3036

Unspecified vulnerability in IBM API Management 3.0.0.0, when basic authentication is used for APIs, allows remote attackers to bypass intended restrictions on topology access, and obtain sensitive information, via unknown vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
VendorProductVersion
ibmapi_management
3.0.0.0
𝑥
= Vulnerable software versions
References
http://secunia.com/advisories/59044
http://www-01.ibm.com/support/docview.wss?uid=swg1LI78000
http://www-01.ibm.com/support/docview.wss?uid=swg21674232
http://www.securityfocus.com/bid/67941
https://exchange.xforce.ibmcloud.com/vulnerabilities/93302
http://secunia.com/advisories/59044
http://www-01.ibm.com/support/docview.wss?uid=swg1LI78000
http://www-01.ibm.com/support/docview.wss?uid=swg21674232
http://www.securityfocus.com/bid/67941
https://exchange.xforce.ibmcloud.com/vulnerabilities/93302