App Connect Enterprise Certified Container

app_connect_enterprise_certified_container

Vendor: Ibm • 12 CVEs

CVEs (12)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-43916 1Ibm 1App Connect Enterprise Certified Container Aug 13, 2025 Jan 30, 2025 N/A· v4 9.1 CRITICAL· v3 N/A· v2 IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, and 12.7 Pods do not restrict network...Show more IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, and 12.7 Pods do not restrict network egress for Pods that are used for internal infrastructure.Show less
CVE-2022-22491 1Ibm 1App Connect Enterprise Certified Container Jun 20, 2025 Jan 9, 2025 N/A· v4 5.5 MEDIUM· v3 N/A· v2 IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, and 12.4 operands running in Red Hat OpenShift do not r...Show more IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, and 12.4 operands running in Red Hat OpenShift do not restrict writing to the local filesystem, which may result in exhausting the available storage in a Pod, resulting in that Pod being restarted.Show less
CVE-2024-51465 1Ibm 1App Connect Enterprise Certified Container Aug 14, 2025 Dec 4, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 IBM App Connect Enterprise Certified Container 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, and 12.3 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request.
CVE-2022-43915 1Ibm 1App Connect Enterprise Certified Container Sep 21, 2024 Aug 24, 2024 N/A· v4 8.1 HIGH· v3 N/A· v2 IBM App Connect Enterprise Certified Container 5.0, 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, and 12.1 does not limit calls to unshare in running Pods. This can...Show more IBM App Connect Enterprise Certified Container 5.0, 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, and 12.1 does not limit calls to unshare in running Pods. This can allow a user with privileged access to execute commands in a running Pod to elevate their user privileges.Show less
CVE-2022-43874 1Ibm 1App Connect Enterprise Certified Container Nov 21, 2024 Mar 15, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, 6.2, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus...Show more IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, 6.2, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 239963.Show less
CVE-2022-42439 1Ibm 2App Connect Enterprise App Connect Enterprise Certified Container Nov 21, 2024 Feb 6, 2023 N/A· v4 4.9 MEDIUM· v3 N/A· v2 IBM App Connect Enterprise 11.0.0.17 through 11.0.0.19 and 12.0.4.0 and 12.0.5.0 contains an unspecified vulnerability in the Discovery Connector nodes which may cause a 3rd party system’s credentials to be exposed to a...Show more IBM App Connect Enterprise 11.0.0.17 through 11.0.0.19 and 12.0.4.0 and 12.0.5.0 contains an unspecified vulnerability in the Discovery Connector nodes which may cause a 3rd party system’s credentials to be exposed to a privileged attacker. IBM X-Force ID: 238211. Show less
CVE-2022-43922 1Ibm 1App Connect Enterprise Certified Container Mar 26, 2025 Feb 1, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 could disclose sensitive information to an attacker due to a weak hash of an API Key in the configuration. IBM X-Force ID: 24158...Show more IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 could disclose sensitive information to an attacker due to a weak hash of an API Key in the configuration. IBM X-Force ID: 241583.Show less
CVE-2022-31770 1Ibm 1App Connect Enterprise Certified Container Nov 21, 2024 Jul 5, 2022 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 IBM App Connect Enterprise Certified Container 4.2 could allow a user from the administration console to cause a denial of service by creating a specially crafted request. IBM X-Force ID: 228221.
CVE-2022-22404 1Ibm 1App Connect Enterprise Certified Container Nov 21, 2024 Apr 1, 2022 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 IBM App Connect Enterprise Certified Container Dashboard UI (IBM App Connect Enterprise Certified Container 1.5, 2.0, 2.1, 3.0, and 3.1) may be vulnerable to denial of service due to excessive rate limiting.
CVE-2021-29906 1Ibm 1App Connect Enterprise Certified Container Nov 21, 2024 Oct 8, 2021 N/A· v4 5.5 MEDIUM· v3 1.9 LOW· v2 IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, 1.3, 1.4 and 1.5 could disclose sensitive information to a local user when it is configured to use an IBM Cloud API key to connect to cloud-based connectors....Show more IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, 1.3, 1.4 and 1.5 could disclose sensitive information to a local user when it is configured to use an IBM Cloud API key to connect to cloud-based connectors. IBM X-Force ID: 207630.Show less
CVE-2021-29759 1Ibm 1App Connect Enterprise Certified Container Nov 21, 2024 Jul 7, 2021 N/A· v4 2.3 LOW· v3 2.1 LOW· v2 IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, and 1.3 could allow a privileged user to obtain sensitive information from internal log files. IBM X-Force ID: 202212.
CVE-2020-4785 1Ibm 1App Connect Enterprise Certified Container Nov 21, 2024 Nov 3, 2020 N/A· v4 5.4 MEDIUM· v3 4.9 MEDIUM· v2 IBM App Connect Enterprise Certified Container 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remo...Show more IBM App Connect Enterprise Certified Container 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 189219.Show less