IBM API Connect 12.1.0.012.1.0.3 Default Credentials Unauth Access
CVE-2026-3144 Published on July 8, 2026
IBM API Connect Default Credentials
IBM API Connect 12.1.0.0 through 12.1.0.3 uses default credentials which could allow an attacker to gain unauthorized access to the application before the system enforces a credential update.
Vulnerability Analysis
CVE-2026-3144 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Attack Vector:
NETWORK
Attack Complexity:
HIGH
Privileges Required:
NONE
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
HIGH
Weakness Type
CWE-1392
Products Associated with CVE-2026-3144
Want to know whenever a new CVE is published for IBM Api Connect? stack.watch will email you.
Affected Versions
IBM API Connect:- Version 12.1.0.0 and below 12.1.0.3 is affected.