IBM API Connect 12.1.0.012.1.0.3 Default Credentials Unauth Access
CVE-2026-3144 Published on July 8, 2026

IBM API Connect Default Credentials
IBM API Connect 12.1.0.0 through 12.1.0.3 uses default credentials which could allow an attacker to gain unauthorized access to the application before the system enforces a credential update.

Vendor Advisory NVD

Vulnerability Analysis

CVE-2026-3144 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:
NETWORK
Attack Complexity:
HIGH
Privileges Required:
NONE
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
HIGH

Weakness Type

CWE-1392

Products Associated with CVE-2026-3144

Want to know whenever a new CVE is published for IBM Api Connect? stack.watch will email you.

 

Affected Versions

IBM API Connect: