Design/Logic Flaw

2023-02-0621:15:00

PRIOn knowledge base

www.prio-n.com

ibm

app connect enterprise

discovery connector

vulnerability

3rd party system

credentials

privileged attacker

ibm x-force

nvd

4.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.7%

JSON

IBM App Connect Enterprise 11.0.0.17 through 11.0.0.19 and 12.0.4.0 and 12.0.5.0 contains an unspecified vulnerability in the Discovery Connector nodes which may cause a 3rd party system’s credentials to be exposed to a privileged attacker. IBM X-Force ID: 238211.

CPENameOperatorVersion
app_connect_enterprisege11.0.0.17
app_connect_enterprisele11.0.0.19
app_connect_enterpriseeq12.0.4.0
app_connect_enterpriseeq12.0.5.0
app_connect_enterprise_certified_containereq4.1
app_connect_enterprise_certified_containereq4.2
app_connect_enterprise_certified_containereq5.0
app_connect_enterprise_certified_containereq5.1
app_connect_enterprise_certified_containereq5.2
app_connect_enterprise_certified_containereq6.0

Name	Operator	Version
app_connect_enterprise	ge	11.0.0.17
app_connect_enterprise	le	11.0.0.19
app_connect_enterprise	eq	12.0.4.0
app_connect_enterprise	eq	12.0.5.0
app_connect_enterprise_certified_container	eq	4.1
app_connect_enterprise_certified_container	eq	4.2
app_connect_enterprise_certified_container	eq	5.0
app_connect_enterprise_certified_container	eq	5.1
app_connect_enterprise_certified_container	eq	5.2
app_connect_enterprise_certified_container	eq	6.0