Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
ibm

App Connect Enterprise Certified Container

20 Versions 8 CVEs

Versions

1.0.4

SEMANTIC 2 CVEs

4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, 6.2, 7.0

OTHER 1 CVE

1.0.1

SEMANTIC 2 CVEs

4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, 6.2

OTHER 1 CVE

2.1

MAJOR_MINOR 1 CVE

1.0.0

SEMANTIC 2 CVEs

11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3

OTHER 1 CVE

1.4

MAJOR_MINOR 1 CVE

1.0.5

SEMANTIC 1 CVE

1.0

MAJOR_MINOR 1 CVE

2.0

MAJOR_MINOR 1 CVE

1.3

MAJOR_MINOR 2 CVEs

1.0.3

SEMANTIC 2 CVEs

3.1

MAJOR_MINOR 1 CVE

1.0.2

SEMANTIC 2 CVEs

3.0

MAJOR_MINOR 1 CVE

4.2

MAJOR_MINOR 1 CVE

1.1

MAJOR_MINOR 2 CVEs

1.5

MAJOR_MINOR 2 CVEs

1.2

MAJOR_MINOR 2 CVEs

Recent CVEs

CVE-2024-51465

IBM App Connect Enterprise Certified Container 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, and 12.3 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request.

HIGH Dec 04, 2024

CVE-2022-43874

IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, 6.2, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 239963.

MEDIUM Mar 15, 2023

CVE-2022-43922

IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 could disclose sensitive information to an attacker due to a weak hash of an API Key in the configuration. IBM X-Force ID: 241583.

MEDIUM Feb 01, 2023

CVE-2022-31770

IBM App Connect Enterprise Certified Container 4.2 could allow a user from the administration console to cause a denial of service by creating a specially crafted request. IBM X-Force ID: 228221.

MEDIUM Jul 05, 2022

CVE-2022-22404

IBM App Connect Enterprise Certified Container Dashboard UI (IBM App Connect Enterprise Certified Container 1.5, 2.0, 2.1, 3.0, and 3.1) may be vulnerable to denial of service due to excessive rate limiting.

MEDIUM Apr 01, 2022

CVE-2021-29906

IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, 1.3, 1.4 and 1.5 could disclose sensitive information to a local user when it is configured to use an IBM Cloud API key to connect to cloud-based connectors. IBM X-Force ID: 207630.

MEDIUM Oct 08, 2021

CVE-2021-29759

IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, and 1.3 could allow a privileged user to obtain sensitive information from internal log files. IBM X-Force ID: 202212.

MEDIUM Jul 07, 2021

CVE-2020-4785

IBM App Connect Enterprise Certified Container 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 189219.

MEDIUM Nov 03, 2020