CVE-2025-13490

EUVD-2025-208249
IBM App Connect Operator versions CD 11.3.0 through 11.6.0 and 12.1.0 through 12.20.0, LTS versions 12.0.0 through 12.0.20, and IBM App Connect Enterprise Certified Containers Operands versions CD 12.0.11.2‑r1 through 12.0.12.5‑r1 and 13.0.1.0‑r1 through 13.0.6.1‑r1, and LTS versions 12.0.12‑r1 through 12.0.12‑r20, contain a vulnerability in which the IBM App Connect Enterprise Certified Container transmits data in clear text, potentially allowing an attacker to intercept and obtain sensitive information through man‑in‑the‑middle techniques.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
ibmapp_connect_enterprise_certified_containers_operands
12.0.11.2:r1
ibmapp_connect_enterprise_certified_containers_operands
12.0.11.3:r1
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r1
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r10
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r11
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r12
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r13
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r14
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r15
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r16
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r17
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r18
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r19
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r2
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r20
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r3
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r4
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r5
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r6
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r7
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r8
ibmapp_connect_enterprise_certified_containers_operands
12.0.12:r9
ibmapp_connect_enterprise_certified_containers_operands
12.0.12.0:r1
ibmapp_connect_enterprise_certified_containers_operands
12.0.12.0:r2
ibmapp_connect_enterprise_certified_containers_operands
12.0.12.2:r1
ibmapp_connect_enterprise_certified_containers_operands
12.0.12.3:r1
ibmapp_connect_enterprise_certified_containers_operands
12.0.12.4:r1
ibmapp_connect_enterprise_certified_containers_operands
12.0.12.5:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.1.0:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.1.0:r2
ibmapp_connect_enterprise_certified_containers_operands
13.0.1.1:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.2.0:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.2.1:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.2.2:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.2.2:r2
ibmapp_connect_enterprise_certified_containers_operands
13.0.3.0:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.3.1:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.4.0:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.4.1:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.4.2:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.5.0:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.5.1:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.5.2:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.6.0:r1
ibmapp_connect_enterprise_certified_containers_operands
13.0.6.1:r1
ibmapp_connect_operator
11.3.0 ≤
𝑥
≤ 11.6.0
ibmapp_connect_operator
12.0.0 ≤
𝑥
≤ 12.0.20
ibmapp_connect_operator
12.1.0 ≤
𝑥
≤ 12.20.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.ibm.com/support/pages/node/7262271