IBM API Connect CVE-2017-1161 Command Execution Vulnerability

IBM API Connect is prone to an arbitrary command-execution vulnerability.

An attacker can exploit this issue to execute arbitrary command on the affected system with the privileges of the www-data user. This may aid in further attacks.

IBM API Connect 5.0 is vulnerable; other versions may also be affected.


Bugtraq ID: 97665
Class: Design Error
CVE: CVE-2017-1161

Remote: Yes
Local: No
Published: Mar 21 2017 12:00AM
Updated: Apr 14 2017 09:05PM
Credit: The vendor reported this issue.
Vulnerable: IBM API Connect 5.0

Not Vulnerable: IBM API Connect

Related Posts