IBM API Management 3.x before 3.0.1.0 allows local users to obtain sensitive ciphertext information via unspecified vectors. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.
IBM
Information Disclosure
Api Management
NVD
CVSS 2.0
2.1
EPSS
0.1%
The installer in IBM Security AppScan Source 8.x and 9.x through 9.0.1 has an open network port for a debug service, which allows remote attackers to obtain sensitive information by connecting to. Rated low severity (CVSS 1.8). No vendor patch available.
IBM
Information Disclosure
Security Appscan Source
NVD
CVSS 2.0
1.8
EPSS
0.1%