Ethical Hacking News
IBM has warned of a critical authentication bypass vulnerability in its API Connect platform that could allow remote attackers to access applications without authentication. The vulnerability affects versions 10.0.11.0 and 10.0.8.0 through 10.0.8.5 and requires immediate attention from affected organizations.
IBM has issued a critical security alert for CVE-2025-13915, a potential authentication bypass vulnerability in its API Connect platform. The vulnerability affects versions 10.0.11.0 and 10.0.8.0 through 10.0.8.5 and enables remote attackers to bypass authentication mechanisms. IBM recommends upgrading vulnerable installations to the latest release or applying the CVE-2025-13915 patch in VMware, OCP, and Kubernetes environments. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the vulnerability to its catalog of known exploited vulnerabilities, urging federal agencies to secure their systems.
IBM has issued a critical security alert, warning its customers of a potential authentication bypass vulnerability in its API Connect enterprise platform. This vulnerability, identified as CVE-2025-13915 and rated 9.8/10 in severity, could enable remote attackers to bypass authentication mechanisms and gain unauthorized access to applications.
The IBM API Connect platform is an application programming interface (API) gateway that enables organizations to develop, test, and manage APIs and provide controlled access to internal services for applications, business partners, and external developers. Available in on-premises, cloud, or hybrid deployments, API Connect is used by hundreds of companies across various industries such as banking, healthcare, retail, and telecommunications.
The vulnerability affects IBM API Connect versions 10.0.11.0 and 10.0.8.0 through 10.0.8.5. Successful exploitation of this vulnerability enables unauthenticated threat actors to remotely access exposed applications by circumventing authentication in low-complexity attacks that do not require user interaction.
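For organizations triaging this advisory across many deployments, the first practical step is an inventory check: does each installation's version fall inside the ranges IBM lists (10.0.8.0 through 10.0.8.5, and 10.0.11.0)? The following Python is an added example, not IBM's tooling or code from this article. It compares versions as integer tuples rather than strings (so 10.0.8.10 sorts after 10.0.8.5), and the inventory layout, hostnames and the `self_service_signup` flag are constructed for the example; a "not in advisory ranges" result means only that the advisory does not list that version, not that it is confirmed safe.

```python
from typing import Dict, Tuple

# Inclusive version ranges that the IBM advisory lists as affected by CVE-2025-13915.
AFFECTED_RANGES: Tuple[Tuple[str, str], ...] = (
    ("10.0.8.0", "10.0.8.5"),
    ("10.0.11.0", "10.0.11.0"),
)


def parse_version(version: str) -> Tuple[int, ...]:
    """Convert '10.0.8.3' to (10, 0, 8, 3), padding to four components so that
    '10.0.8' compares as 10.0.8.0. Integer tuples compare component-wise, which
    avoids the string-comparison bug where '10.0.8.10' < '10.0.8.5'."""
    parts = version.strip().split(".")
    if not parts or not all(part.isdigit() for part in parts):
        raise ValueError(f"not a dotted numeric version: {version!r}")
    nums = tuple(int(part) for part in parts)
    return nums + (0,) * max(0, 4 - len(nums))


def is_affected(version: str) -> bool:
    """True if the version falls inside one of the advisory's affected ranges.
    False means 'not listed by the advisory', not 'confirmed safe'."""
    v = parse_version(version)
    return any(parse_version(lo) <= v <= parse_version(hi) for lo, hi in AFFECTED_RANGES)


def triage_inventory(inventory: Dict[str, Dict[str, object]]) -> Dict[str, str]:
    """Assign each deployment an action: upgrade (the advisory's fix) and, while the
    upgrade is pending, the interim step IBM names (disable Developer Portal
    self-service sign-up). Each inventory record carries a 'version' string and a
    'self_service_signup' flag; this record layout is constructed for the example."""
    actions: Dict[str, str] = {}
    for host, record in inventory.items():
        version = str(record["version"])
        if not is_affected(version):
            actions[host] = "not in advisory ranges"
        elif record.get("self_service_signup"):
            actions[host] = "upgrade; disable Developer Portal self-service sign-up until patched"
        else:
            actions[host] = "upgrade"
    return actions


# Constructed sample inventory (hostnames and versions are made up for the example).
SAMPLE_INVENTORY = {
    "apic-gw-prod-1": {"version": "10.0.8.3", "self_service_signup": True},
    "apic-gw-prod-2": {"version": "10.0.8.5", "self_service_signup": False},
    "apic-gw-dev-1": {"version": "10.0.11.0", "self_service_signup": True},
    "apic-gw-lab": {"version": "10.0.8.6", "self_service_signup": True},
}

if __name__ == "__main__":
    for host, action in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{host:16} {SAMPLE_INVENTORY[host]['version']:10} {action}")
```

Feed it the version strings from your own asset inventory; the range table is the only part that needs updating if IBM revises the list of affected builds.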
To mitigate the risk associated with this vulnerability, IBM has recommended that customers upgrade vulnerable installations to the latest release. For those who cannot immediately deploy the security updates, IBM has provided interim mitigation measures to reduce exposure; one of these is disabling self-service sign-up on the Developer Portal, if it is enabled.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added multiple IBM security vulnerabilities to its catalog of known exploited vulnerabilities, tagging them as actively abused in the wild and ordering federal agencies to secure their systems, as mandated by Binding Operational Directive (BOD) 22-01. Two of these security flaws have also been flagged by CISA as exploited in ransomware attacks.
Specifically, a flaw in IBM Aspera Faspex (CVE-2022-47986) and an Invalid Input flaw in IBM InfoSphere BigInsights (CVE-2013-3993) are the two identified as exploited in ransomware attacks. Both cases underscore the importance of keeping software up to date and patching vulnerabilities promptly.
In response to this vulnerability, detailed instructions for applying the CVE-2025-13915 patch in VMware, OCP, and Kubernetes environments are available in a support document provided by IBM. This measure is essential for ensuring the security and integrity of API Connect installations.
As the threat landscape continues to evolve with new vulnerabilities being discovered regularly, it is crucial for organizations using IBM API Connect to prioritize software updates and implement robust security measures to protect against potential attacks. By taking proactive steps to address this vulnerability, businesses can minimize their exposure to cyber threats and maintain a strong defense posture.
Related Information:
https://www.ethicalhackingnews.com/articles/IBM-API-Connect-A-Critical-Authentication-Bypass-Vulnerability-Exposed-ehn.shtml
Published: Wed Dec 31 04:38:50 2025 by llama3.2 3B Q4_K_M