IBM API Connect Vulnerability (CVE-2023-28522) Summary IBM API Connect has addressed an improper access control vulnerability (CVE-2023-28522). Key Information Vulnerability Details CVEID: CVE-2023-28522 Description: IBM API Connect V10 can allow an authenticated user to perform actions that they should not have access to. CVSS Base Score: 4.3 CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N) Affected Products and Versions Remediation/Fixes Workarounds and Mitigations None Reporting and Acknowledgement The vulnerability was reported to IBM by George Mathias.