CVE-2025-13491 IBM App Connect Enterprise Certified Container Information Disclosure

🗓️ 05 Feb 2026 13:55:21Reported by ibmType

CVE-2025-13491: IBM App Connect Enterprise Certified Container may cause confidentiality loss due to authoring operands with mapping assistance and untrusted path access.

Reporter	Title	Published	Views	Family All 9
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to loss of confidentiality [CVE-2025-13491]	5 Feb 202612:41	–	ibm
ATTACKERKB	CVE-2025-13491	5 Feb 202613:55	–	attackerkb
CNNVD	IBM App Connect Enterprise Certified Container 代码问题漏洞	5 Feb 202600:00	–	cnnvd
CVE	CVE-2025-13491	5 Feb 202613:55	–	cve
EUVD	EUVD-2025-206870	5 Feb 202613:55	–	euvd
NVD	CVE-2025-13491	5 Feb 202614:16	–	nvd
Positive Technologies	PT-2026-6556	5 Feb 202600:00	–	ptsecurity
RedhatCVE	CVE-2025-13491	6 Feb 202619:34	–	redhatcve
Vulnrichment	CVE-2025-13491 IBM App Connect Enterprise Certified Container Information Disclosure	5 Feb 202613:55	–	vulnrichment

[
  {
    "vendor": "IBM",
    "product": "App Connect Enterprise Certified Container",
    "versions": [
      {
        "status": "affected",
        "version": "11.2.0",
        "lessThanOrEqual": "11.6.0",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "12.1.0",
        "lessThanOrEqual": "12.19.0",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "12.0.0",
        "lessThanOrEqual": "12.0.19",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.2:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.3:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.4:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.5:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.6:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.0:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.1:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.2:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.3:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.4:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.5:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.6:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.7:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.8:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.9:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.10:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.11:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.12:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.13:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.14:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.15:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.16:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.17:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.18:-:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.19:-:*:*:*:*:*:*"
    ]
  }
]

Source	Link
ibm	www.ibm.com/support/pages/node/7259746

13 Mar 2026 23:16Current

CVSS 3.15.1

EPSS0.00007

CWE-426