Описание
IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, 1.3, 1.4 and 1.5 could disclose sensitive information to a local user when it is configured to use an IBM Cloud API key to connect to cloud-based connectors. IBM X-Force ID: 207630.
Ссылки
- VDB EntryVendor Advisory
- Vendor Advisory
- VDB EntryVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift:-:*:*:*:*:*:*:*
EPSS
Процентиль: 28%
0.00101
Низкий
5.1 Medium
CVSS3
5.5 Medium
CVSS3
1.9 Low
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
github
больше 3 лет назад
IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, 1.3, 1.4 and 1.5 could disclose sensitive information to a local user when it is configured to use an IBM Cloud API key to connect to cloud-based connectors. IBM X-Force ID: 207630.
EPSS
Процентиль: 28%
0.00101
Низкий
5.1 Medium
CVSS3
5.5 Medium
CVSS3
1.9 Low
CVSS2
Дефекты
NVD-CWE-noinfo