CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22404
https://notcve.org/view.php?id=CVE-2022-22404
IBM App Connect Enterprise Certified Container Dashboard UI (IBM App Connect Enterprise Certified Container 1.5, 2.0, 2.1, 3.0, and 3.1) may be vulnerable to denial of service due to excessive rate limiting. IBM App Connect Enterprise Certified Container Dashboard UI (IBM App Connect Enterprise Certified Container versiones 1.5, 2.0, 2.1, 3.0 y 3.1) puede ser vulnerable a una denegación de servicio debido a una limitación excesiva de la velocidad • https://exchange.xforce.ibmcloud.com/vulnerabilities/222575 https://www.ibm.com/support/pages/node/6568359 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-29906
https://notcve.org/view.php?id=CVE-2021-29906
IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, 1.3, 1.4 and 1.5 could disclose sensitive information to a local user when it is configured to use an IBM Cloud API key to connect to cloud-based connectors. IBM X-Force ID: 207630. IBM App Connect Enterprise Certified Container versiones 1.0, 1.1, 1.2, 1.3, 1.4 y 1.5, podría divulgar información confidencial a un usuario local cuando es configurado para usar una clave API de IBM Cloud para conectarse a conectores basados en la nube. IBM X-Force ID: 207630 • https://exchange.xforce.ibmcloud.com/vulnerabilities/207630 https://www.ibm.com/support/pages/node/6497177 •
CVSS: 4.4EPSS: 0%CPEs: 5EXPL: 0CVE-2021-29759
https://notcve.org/view.php?id=CVE-2021-29759
IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, and 1.3 could allow a privileged user to obtain sensitive information from internal log files. IBM X-Force ID: 202212. IBM App Connect Enterprise Certified Container versiones 1.0, 1.1, 1.2 y 1.3, podría permitir a un usuario privilegiado obtener información confidencial de los archivos de registro internos. IBM X-Force ID: 202212 • https://exchange.xforce.ibmcloud.com/vulnerabilities/202212 https://www.ibm.com/support/pages/node/6469449 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2020-4785
https://notcve.org/view.php?id=CVE-2020-4785
IBM App Connect Enterprise Certified Container 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 189219. IBM App Connect Enterprise Certified Container versiones 1.0.0, 1.0.1, 1.0.2, 1.0.3 y 1.0.4, podría permitir a un atacante remoto secuestrar la acción de clic de la víctima. Al persuadir a una víctima para que visite un sitio web malicioso, un atacante remoto podría explotar esta vulnerabilidad para secuestrar las acciones de clic de la víctima y posiblemente lanzar nuevos ataques contra la víctima. • https://exchange.xforce.ibmcloud.com/vulnerabilities/189219 https://www.ibm.com/support/pages/node/6357899 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •