CVE-2014-3036
First published: Sun Jun 08 2014(Updated: )
Unspecified vulnerability in IBM API Management 3.0.0.0, when basic authentication is used for APIs, allows remote attackers to bypass intended restrictions on topology access, and obtain sensitive information, via unknown vectors.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM API Management | =3.0.0.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2014-3036?
CVE-2014-3036 is considered a high severity vulnerability due to its potential to allow sensitive information exposure.
How do I fix CVE-2014-3036?
To fix CVE-2014-3036, users should upgrade to a version of IBM API Management that addresses the vulnerability.
What versions are affected by CVE-2014-3036?
CVE-2014-3036 specifically affects IBM API Management version 3.0.0.0.
What kind of attacks are possible due to CVE-2014-3036?
CVE-2014-3036 allows remote attackers to bypass access restrictions and obtain sensitive information.
Is basic authentication related to CVE-2014-3036?
Yes, CVE-2014-3036 specifically involves vulnerabilities associated with basic authentication in IBM API Management.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/last-modified-date
- agent/author
- agent/first-publish-date
- agent/tags
- agent/event
- agent/description
- agent/source
- vendor/ibm
- canonical/ibm api management
- version/ibm api management/3.0.0.0