5.5
CVE-2025-1993
- EPSS 0.04%
- Veröffentlicht 09.05.2025 17:12:10
- Zuletzt bearbeitet 20.08.2025 02:46:19
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM App Connect Enterprise Certified Container information disclosure
IBM App Connect Enterprise Certified Container 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, 12.8, 12.9, and 12.10 DesignerAuthoring instances store their flows in a database that is protected by weaker than expected cryptographic algorithms that could be decrypted by a local user.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ App Connect Enterprise Certified Containers Operands Version12.0.7.0 Updater4 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version12.0.11.1 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version12.0.11.2 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version12.0.11.3 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version12.0.12 Updater1 SwEditionlts
Ibm ≫ App Connect Enterprise Certified Containers Operands Version12.0.12 Updater10 SwEditionlts
Ibm ≫ App Connect Enterprise Certified Containers Operands Version12.0.12.0 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version12.0.12.0 Updater2 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version12.0.12.2 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version12.0.12.3 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version12.0.12.4 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version12.0.12.5 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version13.0.1.0 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version13.0.1.0 Updater2 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version13.0.1.1 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version13.0.2.0 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version13.0.2.1 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version13.0.2.2 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version13.0.2.2 Updater2 SwEditioncontinuous_delivery
Ibm ≫ App Connect Operator SwEditioncontinuous_delivery Version >= 8.1.0 <= 11.6.0
Ibm ≫ App Connect Operator SwEditionlts Version >= 12.0.0 <= 12.10.0
Ibm ≫ App Connect Operator SwEditioncontinuous_delivery Version >= 12.1.0 <= 12.10.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.121 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| psirt@us.ibm.com | 5.1 | 1.4 | 3.6 |
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-521 Weak Password Requirements
The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.