exploitDog

GHSA-g664-59r4-4vfr

Опубликовано: 01 фев. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 6.5

Описание

IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 could disclose sensitive information to an attacker due to a weak hash of an API Key in the configuration. IBM X-Force ID: 241583.

IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 could disclose sensitive information to an attacker due to a weak hash of an API Key in the configuration. IBM X-Force ID: 241583.

Ссылки

EPSS

Процентиль: 36%

0.00153

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-200

CWE-326

CWE-328

Связанные уязвимости

CVE-2022-43922

CVSS3: 5.3

nvd

около 3 лет назад

IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 could disclose sensitive information to an attacker due to a weak hash of an API Key in the configuration. IBM X-Force ID: 241583.

EPSS

Процентиль: 36%

0.00153

Низкий

6.5 Medium

CVSS3

CVE ID

Дефекты

CWE-200

CWE-326

CWE-328