App Connect Enterprise Security Vulnerabilities and Issues — App Connect Enterprise CVE List

Lucene search

IbmApp Connect Enterprise

6 matches found

CVE•added 2024/05/14 3:14 p.m.•71 views

CVE-2024-28761

IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID:...

5.4CVSS6.6AI score0.00126EPSS

CVE•added 2024/05/22 8:15 p.m.•55 views

CVE-2024-31895

IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IBM X-Force ID: 288176.

6.5CVSS4.2AI score0.00094EPSS

CVE•added 2024/05/14 3:14 p.m.•54 views

CVE-2024-28760

IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 dashboard is vulnerable to a denial of service due to improper restrictions of resource allocation. IBM X-Force ID: 285244.

4.3CVSS6.3AI score0.00136EPSS

CVE•added 2024/05/22 7:15 p.m.•54 views

CVE-2024-31893

IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive calendar information using an expired access token. IBM X-Force ID: 288174.

4.3CVSS4.2AI score0.00079EPSS

CVE•added 2024/05/22 8:15 p.m.•51 views

CVE-2024-31894

IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IBM X-Force ID: 288175.

4.3CVSS4.2AI score0.00066EPSS

CVE•added 2024/05/22 7:15 p.m.•50 views

CVE-2024-31904

IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 integration nodes could allow an authenticated user to cause a denial of service due to an uncaught exception. IBM X-Force ID: 289647.

6.5CVSS6.3AI score0.00138EPSS