6.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
0.001 Low
EPSS
Percentile
25.7%
IBM App Connect Enterprise contains an unspecified vulnerability in the Discovery Connector nodes which may cause a 3rd party systemβs credentials to be exposed to a privileged attacker. The fix provided resolves the vulnerability.
CVEID:CVE-2022-42439
**DESCRIPTION:**IBM App Connect Enterprise contains an unspecified vulnerability in the Discovery Connector nodes which may cause a 3rd party systemβs credentials to be exposed to a privileged attacker.
CVSS Base score: 6.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/238211 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N)
Affected Product(s) | Version(s) |
---|---|
IBM App Connect Enterprise | 11.0.0.17 - 11.0.0.19 |
IBM App Connect Enterprise | 12.0.0.4 - 12.0.5.0 |
IBM strongly recommends addressing the vulnerability/vulnerabilities now by applying the appropriate fix to IBM App Connect Enterprise
Product(s) | Version(s) | APAR | Remediation / Fix |
---|---|---|---|
IBM App Connect Enterprise | v12.0.4.0 - v12.0.5.0 | IT42127 |
The APAR (IT42127) is available in fixpack 12.0.6.0
IBM App Connect Enterprise version v12 - Fixpack 12.0.6.0
IBM App Connect Enterprise| v11.0.0.17 - v11.0.0.19| IT42127|
The APAR (IT42127) is available in fixpack 11.0.0.20
IBM App Connect Enterprise version v11 - Fixpack 11.0.0.20
None
6.8 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
0.001 Low
EPSS
Percentile
25.7%