← Back to CVEs
CVE-2015-0149
N/ADescription
The developer portal in IBM API Management 3.0 before 3.0.4.1 does not properly restrict access to the public and private APIs, which allows remote authenticated users to obtain sensitive information or modify data via unspecified API calls.
CVE Details
CVSS v3.1 ScoreN/A
Published3/18/2015
Last Modified5/6/2026
Sourcenvd
Honeypot Sightings0
Affected Products
ibm:api_management
Weaknesses (CWE)
CWE-264
References
http://www-01.ibm.com/support/docview.wss?uid=swg1LI78430(psirt@us.ibm.com)
http://www-01.ibm.com/support/docview.wss?uid=swg21696693(psirt@us.ibm.com)
http://www-01.ibm.com/support/docview.wss?uid=swg1LI78430(af854a3a-2127-422b-91ae-364da2661108)
http://www-01.ibm.com/support/docview.wss?uid=swg21696693(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.