CVSS: 6.8EPSS: 0%CPEs: 9EXPL: 0CVE-2022-43922 – IBM App Connect Enterprise Certified Container information disclosure
https://notcve.org/view.php?id=CVE-2022-43922
01 Feb 2023 — IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 could disclose sensitive information to an attacker due to a weak hash of an API Key in the configuration. IBM X-Force ID: 241583. • https://exchange.xforce.ibmcloud.com/vulnerabilities/241583 • CWE-326: Inadequate Encryption Strength CWE-328: Use of Weak Hash •
CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 0CVE-2022-31770
https://notcve.org/view.php?id=CVE-2022-31770
05 Jul 2022 — IBM App Connect Enterprise Certified Container 4.2 could allow a user from the administration console to cause a denial of service by creating a specially crafted request. IBM X-Force ID: 228221. IBM App Connect Enterprise Certified Container versión 4.2, podría permitir a un usuario de la consola de administración causar una denegación de servicio mediante la creación de una petición especialmente diseñada. IBM X-Force ID: 228221 • https://exchange.xforce.ibmcloud.com/vulnerabilities/228221 •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-22404
https://notcve.org/view.php?id=CVE-2022-22404
01 Apr 2022 — IBM App Connect Enterprise Certified Container Dashboard UI (IBM App Connect Enterprise Certified Container 1.5, 2.0, 2.1, 3.0, and 3.1) may be vulnerable to denial of service due to excessive rate limiting. IBM App Connect Enterprise Certified Container Dashboard UI (IBM App Connect Enterprise Certified Container versiones 1.5, 2.0, 2.1, 3.0 y 3.1) puede ser vulnerable a una denegación de servicio debido a una limitación excesiva de la velocidad • https://exchange.xforce.ibmcloud.com/vulnerabilities/222575 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-29906
https://notcve.org/view.php?id=CVE-2021-29906
08 Oct 2021 — IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, 1.3, 1.4 and 1.5 could disclose sensitive information to a local user when it is configured to use an IBM Cloud API key to connect to cloud-based connectors. IBM X-Force ID: 207630. IBM App Connect Enterprise Certified Container versiones 1.0, 1.1, 1.2, 1.3, 1.4 y 1.5, podría divulgar información confidencial a un usuario local cuando es configurado para usar una clave API de IBM Cloud para conectarse a conectores basados en la nube. IBM X-Force ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/207630 •
CVSS: 4.4EPSS: 0%CPEs: 5EXPL: 0CVE-2021-29759
https://notcve.org/view.php?id=CVE-2021-29759
07 Jul 2021 — IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, and 1.3 could allow a privileged user to obtain sensitive information from internal log files. IBM X-Force ID: 202212. IBM App Connect Enterprise Certified Container versiones 1.0, 1.1, 1.2 y 1.3, podría permitir a un usuario privilegiado obtener información confidencial de los archivos de registro internos. IBM X-Force ID: 202212 • https://exchange.xforce.ibmcloud.com/vulnerabilities/202212 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2020-4785
https://notcve.org/view.php?id=CVE-2020-4785
03 Nov 2020 — IBM App Connect Enterprise Certified Container 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 189219. IBM App Connect Enterprise Certified Container versiones 1.0.0, 1.0.1, 1.0.2, 1.0.3 y 1.0.4, podría permitir a un atacante remoto ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/189219 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •