CVE-2014-3036

high

Description

Unspecified vulnerability in IBM API Management 3.0.0.0, when basic authentication is used for APIs, allows remote attackers to bypass intended restrictions on topology access, and obtain sensitive information, via unknown vectors.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/93302

http://www.securityfocus.com/bid/67941

http://www-01.ibm.com/support/docview.wss?uid=swg21674232

http://www-01.ibm.com/support/docview.wss?uid=swg1LI78000

http://secunia.com/advisories/59044

Details

Source: Mitre, NVD

Published: 2014-06-08

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.00218