Описание
IBM App Connect Enterprise Certified Container 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, and 12.8 could allow an authenticated user to cause a denial of service in the App Connect flow due to improper validation of server-side input.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 7.2 (включая) до 11.6.0 (включая)Версия от 12.0.0 (включая) до 12.9.0 (исключая)Версия от 12.1.0 (включая) до 12.8.2 (включая)
Одно из
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.7.0:r4:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12.5:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.1.0:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.2.1:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_operator:*:*:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_operator:*:*:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_operator:*:*:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_operator:12.0.12:r1:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_operator:12.0.12:r8:*:*:lts:*:*:*
EPSS
Процентиль: 29%
0.00104
Низкий
4.3 Medium
CVSS3
6.5 Medium
CVSS3
Дефекты
CWE-1286
Связанные уязвимости
CVSS3: 4.3
github
11 месяцев назад
IBM App Connect Enterprise Certified Container 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, and 12.8 could allow an authenticated user to cause a denial of service in the App Connect flow due to improper validation of server-side input.
EPSS
Процентиль: 29%
0.00104
Низкий
4.3 Medium
CVSS3
6.5 Medium
CVSS3
Дефекты
CWE-1286