CVE-2024-28760

IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 dashboard is vulnerable to a denial of service due to improper restrictions of resource allocation. IBM X-Force ID: 285244...

CVE-2024-28760

CVE-2024-28760 affects IBM App Connect Enterprise dashboard. Affected versions: 11.0.0.1–11.0.0.25 and 12.0.1.0–12.0.12.0. Root cause: improper restrictions of resource allocation in the Dashboard component, leading to a denial of service. Practical impact: DoS, with CVSS base score 4.3 (Network ...

Security Bulletin: IBM App Connect Enterprise is vulnerable to a denial of service (CVE-2024-28760)

Summary IBM App Connect Enterprise Dashboard is vulnerable to a denial of service due to improper restrictions of resource allocation. This bulletin identifies the steps to take to address the vulnerability Vulnerability Details CVEID:CVE-2024-28760 DESCRIPTION: IBM App Connect Enterprise dashboa...

Security Bulletin: IBM App Connect Enterprise is vulnerable to a remote attack due to the node.js module follow-redirects and Express.js (CVE-2024-28849, CVE-2024-29041)

Summary IBM App Connect Enterprise is vulnerable to a remote attack due to node.js module follow-redirects and Express.js. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-28849 DESCRIPTION: Node.js follow-redirects module could allow...

Security Bulletin: IBM App Connect Enterprise is vulnerable to cross-site request forgery due to Axios ( CVE-2023-45857)

Summary IBM App Connect Enterprise is vulnerable to a a cross-site request forgery due to Axios. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-45857 DESCRIPTION: Axios is vulnerable to cross-site request forgery, caused by improper...

Security Bulletin: IBM App Connect Enterprise is vulnerable to a remote authenticated attacker due to the electron module (CVE-2023-45143)

Summary IBM App Connect Enterprise is vulnerable to allowing a remote authenticated attacker to obtain sensitive information, due to the electron module. Electron is used for Discovery Connectors in IBM App Connect Enterprise. This bulletin identifies the steps to take to address the vulnerabilit...

IBM App Connect Enterprise 安全漏洞

IBM App Connect Enterprise is an operating system from International Business Machines IBM, Inc. that combines existing industry-trusted IBM Integration Bus technology with IBM App Connect Professional and new cloud-native IBM App Connect Enterprise combines existing industry-trusted IBM...

Security Bulletin: IBM App Connect Enterprise is vulnerable to a remote attacker due to the module xmldom [CVE-2022-39353]

Summary IBM App Connect Enterprise is vulnerable to a remote attacker due to the module xmldom. CVE-2022-39353 The resolving fix includes xmldom 0.8.5 and 0.8.6 Vulnerability Details CVEID:CVE-2022-39353 DESCRIPTION: Node.js xmldom module could allow a remote attacker to bypass security...