2 matches found
Security Bulletin: IBM App Connect Enterprise Certified Container could allow a privileged user to obtain sensitive information from internal log files (CVE-2021-29759)
Summary The Integration Server component in IBM App Connect Enterprise Certified Container, when running Designer flows, writes some logs to a log file inside the container. A flaw in the logging may result in credential information being written to the logs. Vulnerability Details CVEID:...
CVE-2021-29759
IBM App Connect Enterprise Certified Container 1.0–1.3 is affected by CVE-2021-29759 due to a flaw in the internal logging mechanism: logs may contain credentials when Designer flows write logs inside the container. The IBM reply bulletin specifies the vulnerability, with CVSS3.0/LOw severity det...