Filtered by vendor Ibm Subscriptions
Filtered by product App Connect Enterprise Certified Container Subscriptions
Total 9 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-43922 2 Ibm, Redhat 2 App Connect Enterprise Certified Container, Openshift 2024-11-21 5.3 Medium
IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 could disclose sensitive information to an attacker due to a weak hash of an API Key in the configuration. IBM X-Force ID: 241583.
CVE-2022-43874 1 Ibm 1 App Connect Enterprise Certified Container 2024-11-21 6.1 Medium
IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, 6.2, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 239963.
CVE-2022-42439 4 Ibm, Linux, Microsoft and 1 more 6 Aix, App Connect Enterprise, App Connect Enterprise Certified Container and 3 more 2024-11-21 6.8 Medium
IBM App Connect Enterprise 11.0.0.17 through 11.0.0.19 and 12.0.4.0 and 12.0.5.0 contains an unspecified vulnerability in the Discovery Connector nodes which may cause a 3rd party system’s credentials to be exposed to a privileged attacker. IBM X-Force ID: 238211.
CVE-2022-31770 1 Ibm 1 App Connect Enterprise Certified Container 2024-11-21 4.9 Medium
IBM App Connect Enterprise Certified Container 4.2 could allow a user from the administration console to cause a denial of service by creating a specially crafted request. IBM X-Force ID: 228221.
CVE-2022-22404 1 Ibm 1 App Connect Enterprise Certified Container 2024-11-21 6.5 Medium
IBM App Connect Enterprise Certified Container Dashboard UI (IBM App Connect Enterprise Certified Container 1.5, 2.0, 2.1, 3.0, and 3.1) may be vulnerable to denial of service due to excessive rate limiting.
CVE-2021-29906 2 Ibm, Redhat 2 App Connect Enterprise Certified Container, Openshift 2024-11-21 5.5 Medium
IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, 1.3, 1.4 and 1.5 could disclose sensitive information to a local user when it is configured to use an IBM Cloud API key to connect to cloud-based connectors. IBM X-Force ID: 207630.
CVE-2021-29759 1 Ibm 1 App Connect Enterprise Certified Container 2024-11-21 2.3 Low
IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, and 1.3 could allow a privileged user to obtain sensitive information from internal log files. IBM X-Force ID: 202212.
CVE-2020-4785 1 Ibm 1 App Connect Enterprise Certified Container 2024-11-21 5.4 Medium
IBM App Connect Enterprise Certified Container 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 189219.
CVE-2022-43915 1 Ibm 1 App Connect Enterprise Certified Container 2024-09-21 6.8 Medium
IBM App Connect Enterprise Certified Container 5.0, 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, and 12.1 does not limit calls to unshare in running Pods. This can allow a user with privileged access to execute commands in a running Pod to elevate their user privileges.