Ibm

Integration Bus

23 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.7

CVE-2025-36014

  • EPSS 0.03%
  • Published 07.07.2025 16:15:53
  • Last modified 25.08.2025 02:19:33

IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.5 is vulnerable to code injection by a privileged user with access to the IIB install directory.

4.9

CVE-2024-22356

  • EPSS 0.06%
  • Published 26.03.2024 15:15:48
  • Last modified 28.01.2025 18:43:25

IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.9.0 and IBM Integration Bus for z/OS 10.1 through 10.1.0.2store potentially sensitive information in log or trace files that could be read by a privileged user. IBM X-Force...

6.5

CVE-2024-27265

  • EPSS 0.04%
  • Published 14.03.2024 19:15:50
  • Last modified 21.11.2024 09:04:12

IBM Integration Bus for z/OS 10.1 through 10.1.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 284564.

6.5

CVE-2024-22332

  • EPSS 0.06%
  • Published 09.02.2024 01:15:09
  • Last modified 21.11.2024 08:56:04

The IBM Integration Bus for z/OS 10.1 through 10.1.0.2 AdminAPI is vulnerable to a denial of service due to file system exhaustion. IBM X-Force ID: 279972.

5.5

CVE-2023-45176

  • EPSS 0.02%
  • Published 14.10.2023 16:15:10
  • Last modified 21.11.2024 08:26:29

IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.10.0 and IBM Integration Bus 10.1 through 10.1.0.1 are vulnerable to a denial of service for integration nodes on Windows. IBM X-Force ID: 247998.

5.3

CVE-2018-1801

  • EPSS 0.28%
  • Published 04.02.2019 21:29:00
  • Last modified 21.11.2024 04:00:23

IBM App Connect V11.0.0.0 through V11.0.0.1, IBM Integration Bus V10.0.0.0 through V10.0.0.13, IBM Integration Bus V9.0.0.0 through V9.0.0.10, and WebSphere Message Broker V8.0.0.0 through V8.0.0.9 is vulnerable to a XML External Entity Injection (XX...

5.5

CVE-2017-1418

  • EPSS 0.04%
  • Published 26.11.2018 16:29:00
  • Last modified 21.11.2024 03:21:50

IBM Integration Bus 9.0.0.0, 9.0.0.11, 10.0.0.0, and 10.0.0.14 (including IBM WebSphere Message Broker 8.0.0.0 and 8.0.0.9) has insecure permissions on certain files. A local attacker could exploit this vulnerability to modify or delete these files w...

6.8

CVE-2017-1693

  • EPSS 0.29%
  • Published 19.01.2018 14:29:00
  • Last modified 21.11.2024 03:22:13

IBM Integration Bus 9.0 and 10.0 could allow an attacker that has captured a valid session id to hijack another users session during a small timeframe before the session times out. IBM X-Force ID: 134164.

8.1

CVE-2017-1694

  • EPSS 0.13%
  • Published 20.12.2017 18:29:01
  • Last modified 20.04.2025 01:37:25

IBM Integration Bus 9.0 and 10.0 transmits user credentials in plain in clear text which can be read by an attacker using man in the middle techniques. IBM X-Force ID: 134165.

5.3

CVE-2017-1126

  • EPSS 0.19%
  • Published 04.10.2017 01:29:02
  • Last modified 20.04.2025 01:37:25

IBM WebSphere Message Broker (IBM Integration Bus 9.0 and 10.0) could allow an unauthorized user to obtain sensitive information about software versions that could lead to further attacks. IBM X-Force ID: 121341.