Lucene search

China National Vulnerability DatabaseCNVD-2024-16919

HistoryMar 27, 2024 - 12:00 a.m.

IBM App Connect Enterprise and IBM Integration Bus for z/OS Information Disclosure Vulnerability

2024-03-2700:00:00

China National Vulnerability Database

www.cnvd.org.cn

ibm

app connect enterprise

integration bus

z/os

information disclosure

vulnerability

attack

sensitive information

log files

trace files

soa

6.1 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

JSON

IBM App Connect Enterprise is an operating system from International Business Machines (IBM), U.S.A. IBM Integration Bus (IBM WebSphere Message Broker) is an enterprise service bus (ESB) product from International Business Machines (IBM), U.S.A… The product provides connectivity and common data transformations for Service Oriented Architecture (SOA) environments and non-SOA environments. An information disclosure vulnerability exists in IBM App Connect Enterprise and IBM Integration Bus for z/OS, which can be exploited by an attacker to read sensitive information in log or trace files.

CPENameOperatorVersion
ibm ibm app connect enterprise >=11.0.0.1，<=11.eq0.0.23
ibm ibm app connect enterprise >=12.0.1.0，<=12.eq0.9.0
ibm integration bus for z/os >=10.1，<=10.eq1.0.2

Name	Operator	Version
ibm ibm app connect enterprise >=11.0.0.1，<=11.	eq	0.0.23
ibm ibm app connect enterprise >=12.0.1.0，<=12.	eq	0.9.0
ibm integration bus for z/os >=10.1，<=10.	eq	1.0.2