SQL Injection in IBM access control panel & Broken access in admin panel
Critical
I
IBM
Submitted None
Team Summary
Official summary from IBM
An application endpoint was found to be vulnerable to SQL Injection caused by a lack of sanitation on the client_id parameter. An adversary would eventually be able to read sensitive data from the database, or modify it as well as to execute administration operations. This was reported to IBM and remediated.
Actions:
Reported by
thecyberguy0
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
SQL Injection