VYPR

LoopBack

by IBM

CVEs (1)

  • CVE-2018-1778Dec 20, 2018
    risk 0.00cvss epss 0.03

    IBM LoopBack (IBM API Connect 2018.1, 2018.4.1, 5.0.8.0, and 5.0.8.4) could allow an attacker to bypass authentication if the AccessToken Model is exposed over a REST API, it is then possible for anyone to create an AccessToken for any User provided they know the userId and can…