Описание
IBM App Connect Enterprise Certified Container CD: 9.2.0 through 11.6.0, 12.1.0 through 12.14.0, and 12.0 LTS: 12.0.0 through 12.0.14stores potentially sensitive information in log files during installation that could be read by a local user on the container.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 9.2.0 (включая) до 11.6.0 (включая)Версия от 12.0.0 (включая) до 12.15.0 (исключая)Версия от 12.1.0 (включая) до 12.15.0 (исключая)
Одно из
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.9.0:r2:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.9.0:r3:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.10.0:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.10.0:r2:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.10.0:r3:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.11.1:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.11.2:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.11.3:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r1:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r10:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r11:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r12:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r13:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r14:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r2:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r3:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r4:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r5:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r6:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r7:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r8:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r9:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12.0:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12.0:r2:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12.2:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12.3:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12.4:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12.5:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.1.0:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.1.0:r2:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.1.1:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.2.0:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.2.1:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.2.2:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.2.2:r2:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.3.0:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.3.1:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.4.0:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.4.1:r1:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_operator:*:*:*:*:continuous_delivery:*:*:*
cpe:2.3:a:ibm:app_connect_operator:*:*:*:*:lts:*:*:*
cpe:2.3:a:ibm:app_connect_operator:*:*:*:*:continuous_delivery:*:*:*
EPSS
Процентиль: 1%
0.00008
Низкий
5.9 Medium
CVSS3
5.5 Medium
CVSS3
Дефекты
CWE-532
Связанные уязвимости
CVSS3: 5.5
github
около 2 месяцев назад
IBM App Connect Enterprise Certified Container CD: 9.2.0 through 11.6.0, 12.1.0 through 12.14.0, and 12.0 LTS: 12.0.0 through 12.0.14stores potentially sensitive information in log files during installation that could be read by a local user on the container.
EPSS
Процентиль: 1%
0.00008
Низкий
5.9 Medium
CVSS3
5.5 Medium
CVSS3
Дефекты
CWE-532