Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

App Connect Enterprise Security Vulnerabilities

cve
cve

CVE-2022-42439

IBM App Connect Enterprise 11.0.0.17 through 11.0.0.19 and 12.0.4.0 and 12.0.5.0 contains an unspecified vulnerability in the Discovery Connector nodes which may cause a 3rd party system’s credentials to be exposed to a privileged attacker. IBM X-Force ID: 238211.

6.8CVSS

4.8AI Score

0.001EPSS

2023-02-06 09:15 PM
44
cve
cve

CVE-2022-42444

IBM App Connect Enterprise 11.0.0.8 through 11.0.0.19 and 12.0.1.0 through 12.0.5.0 is vulnerable to a buffer overflow. A remote privileged user could overflow a buffer and cause the application to crash. IBM X-Force ID: 238538.

6.5CVSS

6.5AI Score

0.001EPSS

2023-02-12 04:15 AM
31
cve
cve

CVE-2023-40682

IBM App Connect Enterprise 12.0.1.0 through 12.0.8.0 contains an unspecified vulnerability that could allow a local privileged user to obtain sensitive information from API logs. IBM X-Force ID: 263833.

4.4CVSS

4.1AI Score

0.0004EPSS

2023-10-13 04:15 PM
46
cve
cve

CVE-2023-45176

IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.10.0 and IBM Integration Bus 10.1 through 10.1.0.1 are vulnerable to a denial of service for integration nodes on Windows. IBM X-Force ID: 247998.

6.2CVSS

5.3AI Score

0.0004EPSS

2023-10-14 04:15 PM
47
cve
cve

CVE-2024-22317

IBM App Connect Enterprise 11.0.0.1 through 11.0.0.24 and 12.0.1.0 through 12.0.11.0 could allow a remote attacker to obtain sensitive information or cause a denial of service due to improper restriction of excessive authentication attempts. IBM X-Force ID: 279143.

9.1CVSS

8.7AI Score

0.001EPSS

2024-01-18 02:15 PM
24
cve
cve

CVE-2024-22356

IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.9.0 and IBM Integration Bus for z/OS 10.1 through 10.1.0.2store potentially sensitive information in log or trace files that could be read by a privileged user. IBM X-Force ID: 280893.

4.9CVSS

4.7AI Score

0.0004EPSS

2024-03-26 03:15 PM
51
cve
cve

CVE-2024-28760

IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 dashboard is vulnerable to a denial of service due to improper restrictions of resource allocation. IBM X-Force ID: 285244.

4.3CVSS

6.3AI Score

0.0004EPSS

2024-05-14 03:14 PM
41
cve
cve

CVE-2024-28761

IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID:...

5.4CVSS

6.6AI Score

0.0004EPSS

2024-05-14 03:14 PM
53
cve
cve

CVE-2024-31893

IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive calendar information using an expired access token. IBM X-Force ID: 288174.

4.3CVSS

5.7AI Score

0.0004EPSS

2024-05-22 07:15 PM
34
cve
cve

CVE-2024-31894

IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IBM X-Force ID: 288175.

4.3CVSS

5.7AI Score

0.0004EPSS

2024-05-22 08:15 PM
37
cve
cve

CVE-2024-31895

IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IBM X-Force ID: 288176.

4.3CVSS

5.7AI Score

0.0004EPSS

2024-05-22 08:15 PM
35
cve
cve

CVE-2024-31904

IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 integration nodes could allow an authenticated user to cause a denial of service due to an uncaught exception. IBM X-Force ID: 289647.

6.5CVSS

6.2AI Score

0.0004EPSS

2024-05-22 07:15 PM
30