CVE-2024-22356 – IBM App Connect Enterprise and IBM Integration Bus for z/OS information disclosure
https://notcve.org/view.php?id=CVE-2024-22356
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.9.0 and IBM Integration Bus for z/OS 10.1 through 10.1.0.2store potentially sensitive information in log or trace files that could be read by a privileged user. IBM X-Force ID: 280893. IBM App Connect Enterprise 11.0.0.1 a 11.0.0.23, 12.0.1.0 a 12.0.9.0 e IBM Integration Bus para z/OS 10.1 a 10.1.0.2 almacenan información potencialmente confidencial en archivos de registro o rastreo que un usuario privilegiado podría leer. ID de IBM X-Force: 280893. • https://exchange.xforce.ibmcloud.com/vulnerabilities/280893 https://www.ibm.com/support/pages/node/7145144 • CWE-117: Improper Output Neutralization for Logs •
CVE-2024-27265 – IBM Integration Bus for z/OS cross-site request forgery
https://notcve.org/view.php?id=CVE-2024-27265
IBM Integration Bus for z/OS 10.1 through 10.1.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 284564. IBM Integration Bus para z/OS 10.1 a 10.1.0.3 es vulnerable a cross-site request forgery, lo que podría permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas por un usuario en el que confía el sitio web. ID de IBM X-Force: 284564. • https://exchange.xforce.ibmcloud.com/vulnerabilities/284564 https://www.ibm.com/support/pages/node/7140678 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2024-22332 – IBM Integration Bus for z/OS denial of service
https://notcve.org/view.php?id=CVE-2024-22332
The IBM Integration Bus for z/OS 10.1 through 10.1.0.2 AdminAPI is vulnerable to a denial of service due to file system exhaustion. IBM X-Force ID: 279972. IBM Integration Bus para z/OS 10.1 a 10.1.0.2 AdminAPI es vulnerable a una denegación de servicio debido al agotamiento del sistema de archivos. ID de IBM X-Force: 279972. • https://exchange.xforce.ibmcloud.com/vulnerabilities/279972 https://https://www.ibm.com/support/pages/node/7116046 • CWE-400: Uncontrolled Resource Consumption •