5.5
CVE-2025-1993
- EPSS 0.01%
- Veröffentlicht 09.05.2025 17:12:10
- Zuletzt bearbeitet 20.08.2025 02:46:19
- Quelle psirt@us.ibm.com
- Teams Watchlist Login
- Unerledigt Login
IBM App Connect Enterprise Certified Container 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, 12.8, 12.9, and 12.10 DesignerAuthoring instances store their flows in a database that is protected by weaker than expected cryptographic algorithms that could be decrypted by a local user.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ App Connect Enterprise Certified Containers Operands Version12.0.7.0 Updater4 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version12.0.11.1 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version12.0.11.2 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version12.0.11.3 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version12.0.12 Updater1 SwEditionlts
Ibm ≫ App Connect Enterprise Certified Containers Operands Version12.0.12 Updater10 SwEditionlts
Ibm ≫ App Connect Enterprise Certified Containers Operands Version12.0.12.0 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version12.0.12.0 Updater2 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version12.0.12.2 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version12.0.12.3 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version12.0.12.4 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version12.0.12.5 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version13.0.1.0 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version13.0.1.0 Updater2 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version13.0.1.1 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version13.0.2.0 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version13.0.2.1 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version13.0.2.2 Updater1 SwEditioncontinuous_delivery
Ibm ≫ App Connect Enterprise Certified Containers Operands Version13.0.2.2 Updater2 SwEditioncontinuous_delivery
Ibm ≫ App Connect Operator SwEditioncontinuous_delivery Version >= 8.1.0 <= 11.6.0
Ibm ≫ App Connect Operator SwEditionlts Version >= 12.0.0 <= 12.10.0
Ibm ≫ App Connect Operator SwEditioncontinuous_delivery Version >= 12.1.0 <= 12.10.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.01% | 0.006 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| psirt@us.ibm.com | 5.1 | 1.4 | 3.6 |
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
|
CWE-521 Weak Password Requirements
The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.