Credentials Exposure in IBM API Connect Software Package

Credentials Exposure in IBM API Connect Software Package

CVE-2016-3012 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

IBM API Connect (aka APIConnect) before 5.0.3.0 with NPM before 2.2.8 includes certain internal server credentials in the software package, which might allow remote attackers to bypass intended access restrictions by leveraging knowledge of these credentials.

Learn more about our Cis Benchmark Audit For Server Software.