CVE-2024-22317

Опубликовано: 18 янв. 2024

Источник: nvd

CVSS3: 9.1

EPSS Низкий

Описание

IBM App Connect Enterprise 11.0.0.1 through 11.0.0.24 and 12.0.1.0 through 12.0.11.0 could allow a remote attacker to obtain sensitive information or cause a denial of service due to improper restriction of excessive authentication attempts. IBM X-Force ID: 279143.

Ссылки

https://exchange.xforce.ibmcloud.com/vulnerabilities/279143
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/7108661
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/279143
VDB Entry
Vendor Advisory
https://www.ibm.com/support/pages/node/7108661
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:app_connect_enterprise:*:*:*:*:*:*:*:*

Версия от 11.0.0.1 (включая) до 11.0.0.24 (включая)

cpe:2.3:a:ibm:app_connect_enterprise:*:*:*:*:*:*:*:*

Версия от 12.0.1.0 (включая) до 12.0.11.0 (включая)

EPSS

Процентиль: 31%

0.00121

Низкий

9.1 Critical

CVSS3

Дефекты

CWE-307

Связанные уязвимости

GHSA-rcrf-j4mf-2fp6