CVE-2021-29906

Published: Oct 8, 2021Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, 1.3, 1.4 and 1.5 could disclose sensitive information to a local user when it is configured to use an IBM Cloud API key to connect to cloud-based connectors. IBM X-Force ID: 207630.

Affected (6)

Products: Ibm: App Connect Enterprise Certified Container

Ibm

1 product

App Connect Enterprise Certified Container

Configuration A

6 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Ibm App Connect Enterprise Certified Container	Version 1.0.0
Ibm App Connect Enterprise Certified Container	Version 1.1.0
Ibm App Connect Enterprise Certified Container	Version 1.2.0
Ibm App Connect Enterprise Certified Container	Version 1.3.0
Ibm App Connect Enterprise Certified Container	Version 1.4.0
Ibm App Connect Enterprise Certified Container	Version 1.5.0

Running on/with	Platform Versions
Redhat Openshift	All versions

References (4)

https://exchange.xforce.ibmcloud.com/vulnerabilities/207630

Source: psirt@us.ibm.com

VDB EntryVendor Advisory

https://www.ibm.com/support/pages/node/6497177

Source: psirt@us.ibm.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/207630

Source: af854a3a-2127-422b-91ae-364da2661108

VDB EntryVendor Advisory

https://www.ibm.com/support/pages/node/6497177

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.