IBM API Connect 10.0.0.0 through 10.0.5.0, 10.0.1.0 through 10.0.1.7, and 2018.4.1.0 through 2018.4.1.20 is vulnerable to External Service Interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to perform server-side DNS lookups or HTTP requests to arbitrary domain names. By submitting suitable payloads, an attacker can cause the application server to attack other systems that it can interact with. IBM X-Force ID: 230264.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2023-02-08T19:12:31.221Z

Updated: 2024-08-03T09:07:16.135Z

Reserved: 2022-06-23T13:42:39.338Z

Link: CVE-2022-34350

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-02-08T20:15:23.793

Modified: 2023-11-07T03:48:33.697

Link: CVE-2022-34350

cve-icon Redhat

No data.