CVE-2024-52362

EUVD-2024-54232
IBM App Connect Enterprise Certified Container 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, and 12.8 could allow an authenticated user to cause a denial of service in the App Connect flow due to improper validation of server-side input.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
ibmCNA
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 28%
Affected Products (NVD)
VendorProductVersion
ibmapp_connect_enterprise_certified_containers_operands
12.0.7.0:r4
ibmapp_connect_enterprise_certified_containers_operands
12.0.12.5:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.1.0:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.2.1:r1
ibmapp_connect_operator
7.2 ≤
𝑥
≤ 11.6.0
ibmapp_connect_operator
12.0.0 ≤
𝑥
< 12.9.0
ibmapp_connect_operator
12.1.0 ≤
𝑥
≤ 12.8.2
ibmapp_connect_operator
12.0.12:r1
ibmapp_connect_operator
12.0.12:r8
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.ibm.com/support/pages/node/7185527