Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for app_connect_operator by ibm

    CVE-2025-13490 (GCVE-0-2025-13490)

    Vulnerability from nvd – Published: 2026-03-03 19:58 – Updated: 2026-03-04 21:16
    VLAI
    Title
    IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that report metrics are vulnerable to loss of confidentiality
    Summary
    IBM App Connect Operator versions CD 11.3.0 through 11.6.0 and 12.1.0 through 12.20.0, LTS versions 12.0.0 through 12.0.20, and IBM App Connect Enterprise Certified Containers Operands versions CD 12.0.11.2‑r1 through 12.0.12.5‑r1 and 13.0.1.0‑r1 through 13.0.6.1‑r1, and LTS versions 12.0.12‑r1 through 12.0.12‑r20, contain a vulnerability in which the IBM App Connect Enterprise Certified Container transmits data in clear text, potentially allowing an attacker to intercept and obtain sensitive information through man‑in‑the‑middle techniques.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-319 - Cleartext Transmission of Sensitive Information
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7262271 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM App Connect Operator Affected: CD:11.3.0 , ≤ 11.6.0, 12.1.0 - 12.20.112.0 LTS:12.0.0 - 12.0.20 (semver)
        cpe:2.3:a:ibm:app_connect_operator:cd:11.3.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_operator:11.6.0:*:*:*:*:*:*:*
    Create a notification for this product.
    IBM App Connect EnterpriseCertified Containers Operands Affected: CD:12.0.11.2 , ≤ r1 - 12.0.12.5-r1, 13.0.1.0-r1 - 13.0.6.1-r112.0 LTS:12.0.12-r1 - 12.0.12-r20 (semver)
        cpe:2.3:a:ibm:app_connect_enterprisecertified_containers_operands:cd:12.0.11.2:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprisecertified_containers_operands:r1:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-13490",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-04T21:16:16.704130Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-319",
                    "description": "CWE-319 Cleartext Transmission of Sensitive Information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-04T21:16:34.932Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:app_connect_operator:cd:11.3.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_operator:11.6.0:*:*:*:*:*:*:*"
              ],
              "product": "App Connect Operator",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "11.6.0, 12.1.0 - 12.20.112.0 LTS:12.0.0 - 12.0.20",
                  "status": "affected",
                  "version": "CD:11.3.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:ibm:app_connect_enterprisecertified_containers_operands:cd:12.0.11.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprisecertified_containers_operands:r1:*:*:*:*:*:*:*"
              ],
              "product": "App Connect EnterpriseCertified Containers Operands",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "r1 - 12.0.12.5-r1, 13.0.1.0-r1 - 13.0.6.1-r112.0 LTS:12.0.12-r1 - 12.0.12-r20",
                  "status": "affected",
                  "version": "CD:12.0.11.2",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM App Connect Operator versions CD 11.3.0 through 11.6.0 and 12.1.0 through 12.20.0, LTS versions 12.0.0 through 12.0.20, and IBM App Connect Enterprise Certified Containers Operands versions CD 12.0.11.2\u2011r1 through 12.0.12.5\u2011r1 and 13.0.1.0\u2011r1 through 13.0.6.1\u2011r1, and LTS versions 12.0.12\u2011r1 through 12.0.12\u2011r20, contain a vulnerability in which the IBM App Connect Enterprise Certified Container transmits data in clear text, potentially allowing an attacker to intercept and obtain sensitive information through man\u2011in\u2011the\u2011middle techniques.\u003c/p\u003e"
                }
              ],
              "value": "IBM App Connect Operator versions CD 11.3.0 through 11.6.0 and 12.1.0 through 12.20.0, LTS versions 12.0.0 through 12.0.20, and IBM App Connect Enterprise Certified Containers Operands versions CD 12.0.11.2\u2011r1 through 12.0.12.5\u2011r1 and 13.0.1.0\u2011r1 through 13.0.6.1\u2011r1, and LTS versions 12.0.12\u2011r1 through 12.0.12\u2011r20, contain a vulnerability in which the IBM App Connect Enterprise Certified Container transmits data in clear text, potentially allowing an attacker to intercept and obtain sensitive information through man\u2011in\u2011the\u2011middle techniques."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-03T20:00:25.401Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7262271"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM strongly suggests the following:\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eApp Connect Enterprise Certified Container up to 12.20.1 (Continuous Delivery)\u003c/strong\u003e\u003c/p\u003e\u003cp\u003eUpgrade to App Connect Enterprise Certified Container Operator version 12.21.0 or higher, and ensure that all DesignerAuthoring, IntegrationServer and IntegrationRuntime components are at 13.0.6.2-r1 or higher. \u0026nbsp;Documentation on the upgrade process is available at \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/docs/en/app-connect/13.0?topic=releases-upgrading-operator\"\u003ehttps://www.ibm.com/docs/en/app-connect/13.0?topic=releases-upgrading-operator\u003c/a\u003e\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003cstrong\u003eApp Connect Enterprise Certified Container 12.0 LTS (Long Term Support)\u003c/strong\u003e\u003c/p\u003e\u003cp\u003eUpgrade to App Connect Enterprise Certified Container Operator version 12.0.21 or higher, and ensure that all DesignerAuthoring, IntegrationServer and IntegrationRuntime components are at 12.0.12-r21 or higher. \u0026nbsp;Documentation on the upgrade process is available at \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/docs/en/app-connect/12.0?topic=umfpr-upgrading-operator-releases\"\u003ehttps://www.ibm.com/docs/en/app-connect/12.0?topic=umfpr-upgrading-operator-releases\u003c/a\u003e\u003c/p\u003e\u003cbr\u003e"
                }
              ],
              "value": "IBM strongly suggests the following:\n\nApp Connect Enterprise Certified Container up to 12.20.1 (Continuous Delivery)\n\nUpgrade to App Connect Enterprise Certified Container Operator version 12.21.0 or higher, and ensure that all DesignerAuthoring, IntegrationServer and IntegrationRuntime components are at 13.0.6.2-r1 or higher. \u00a0Documentation on the upgrade process is available at  https://www.ibm.com/docs/en/app-connect/13.0?topic=releases-upgrading-operator \n\n\nApp Connect Enterprise Certified Container 12.0 LTS (Long Term Support)\n\nUpgrade to App Connect Enterprise Certified Container Operator version 12.0.21 or higher, and ensure that all DesignerAuthoring, IntegrationServer and IntegrationRuntime components are at 12.0.12-r21 or higher. \u00a0Documentation on the upgrade process is available at  https://www.ibm.com/docs/en/app-connect/12.0?topic=umfpr-upgrading-operator-releases"
            }
          ],
          "title": "IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that report metrics are vulnerable to loss of confidentiality",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2025-13490",
        "datePublished": "2026-03-03T19:58:18.375Z",
        "dateReserved": "2025-11-20T20:33:14.629Z",
        "dateUpdated": "2026-03-04T21:16:34.932Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-36133 (GCVE-0-2025-36133)

    Vulnerability from nvd – Published: 2025-09-01 11:56 – Updated: 2025-09-02 20:33
    VLAI
    Title
    IBM App Connect Enterprise information disclosure
    Summary
    IBM App Connect Enterprise Certified Container CD: 9.2.0 through 11.6.0, 12.1.0 through 12.14.0, and 12.0 LTS: 12.0.0 through 12.0.14stores potentially sensitive information in log files during installation that could be read by a local user on the container.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-532 - Insertion of Sensitive Information into Log File
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7243690 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM App Connect Enterprise Certified Container Affected: 9.2.0 , ≤ 11.6.0 (semver)
    Affected: 12.0.0 , ≤ 12.0.14 (semver)
    Affected: 12.1.0 , ≤ 12.14.0 (semver)
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.2:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.0:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.1:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.0:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.1:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.2:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.3:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.4:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.5:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.6:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.0:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.1:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.2:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.3:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.4:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.5:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.6:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.7:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.8:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.9:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.10:-:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-36133",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-02T20:33:20.745830Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-02T20:33:30.540Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.2:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.0:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.1:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.0:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.1:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.2:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.3:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.4:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.5:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.6:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.0:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.1:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.2:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.3:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.4:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.5:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.6:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.7:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.8:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.9:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.10:-:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "App Connect Enterprise Certified Container",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "11.6.0",
                  "status": "affected",
                  "version": "9.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.0.14",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.14.0",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM App Connect Enterprise Certified Container CD: 9.2.0 through 11.6.0, 12.1.0 through 12.14.0, and\u0026nbsp;12.0 LTS: 12.0.0 through 12.0.14stores potentially sensitive information in log files during installation that could be read by a local user on the container."
                }
              ],
              "value": "IBM App Connect Enterprise Certified Container CD: 9.2.0 through 11.6.0, 12.1.0 through 12.14.0, and\u00a012.0 LTS: 12.0.0 through 12.0.14stores potentially sensitive information in log files during installation that could be read by a local user on the container."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-532",
                  "description": "CWE-532 Insertion of Sensitive Information into Log File",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-01T11:56:19.981Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7243690"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM App Connect Enterprise information disclosure",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2025-36133",
        "datePublished": "2025-09-01T11:56:19.981Z",
        "dateReserved": "2025-04-15T21:16:19.007Z",
        "dateUpdated": "2025-09-02T20:33:30.540Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-1993 (GCVE-0-2025-1993)

    Vulnerability from nvd – Published: 2025-05-09 17:12 – Updated: 2025-08-31 01:27
    VLAI
    Title
    IBM App Connect Enterprise Certified Container information disclosure
    Summary
    IBM App Connect Enterprise Certified Container 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, 12.8, 12.9, and 12.10 DesignerAuthoring instances store their flows in a database that is protected by weaker than expected cryptographic algorithms that could be decrypted by a local user.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-521 - Weak Password Requirements
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7233054 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM App Connect Enterprise Certified Container Affected: 8.1
    Affected: 8.2
    Affected: 9.0
    Affected: 9.1
    Affected: 9.2
    Affected: 10.0
    Affected: 10.1
    Affected: 11.0
    Affected: 11.1
    Affected: 11.2
    Affected: 11.3
    Affected: 11.4
    Affected: 11.5
    Affected: 11.6
    Affected: 12.0
    Affected: 12.1
    Affected: 12.2
    Affected: 12.3
    Affected: 12.4
    Affected: 12.5
    Affected: 12.6
    Affected: 12.7
    Affected: 12.8
    Affected: 12.9
    Affected: 12.10
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.1:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.2:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.0:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.1:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.2:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.0:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.1:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.0:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.1:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.2:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.3:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.4:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.5:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.6:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.0:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.1:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.2:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.3:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.4:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.5:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.6:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.7:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.8:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.9:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.10:-:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-1993",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-09T19:27:49.855326Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-09T19:41:57.728Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.1:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.2:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.0:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.1:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.2:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.0:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.1:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.0:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.1:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.2:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.3:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.4:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.5:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.6:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.0:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.1:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.2:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.3:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.4:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.5:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.6:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.7:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.8:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.9:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.10:-:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "App Connect Enterprise Certified Container",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "8.1"
                },
                {
                  "status": "affected",
                  "version": "8.2"
                },
                {
                  "status": "affected",
                  "version": "9.0"
                },
                {
                  "status": "affected",
                  "version": "9.1"
                },
                {
                  "status": "affected",
                  "version": "9.2"
                },
                {
                  "status": "affected",
                  "version": "10.0"
                },
                {
                  "status": "affected",
                  "version": "10.1"
                },
                {
                  "status": "affected",
                  "version": "11.0"
                },
                {
                  "status": "affected",
                  "version": "11.1"
                },
                {
                  "status": "affected",
                  "version": "11.2"
                },
                {
                  "status": "affected",
                  "version": "11.3"
                },
                {
                  "status": "affected",
                  "version": "11.4"
                },
                {
                  "status": "affected",
                  "version": "11.5"
                },
                {
                  "status": "affected",
                  "version": "11.6"
                },
                {
                  "status": "affected",
                  "version": "12.0"
                },
                {
                  "status": "affected",
                  "version": "12.1"
                },
                {
                  "status": "affected",
                  "version": "12.2"
                },
                {
                  "status": "affected",
                  "version": "12.3"
                },
                {
                  "status": "affected",
                  "version": "12.4"
                },
                {
                  "status": "affected",
                  "version": "12.5"
                },
                {
                  "status": "affected",
                  "version": "12.6"
                },
                {
                  "status": "affected",
                  "version": "12.7"
                },
                {
                  "status": "affected",
                  "version": "12.8"
                },
                {
                  "status": "affected",
                  "version": "12.9"
                },
                {
                  "status": "affected",
                  "version": "12.10"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM App Connect Enterprise Certified Container 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, 12.8, 12.9, and 12.10 DesignerAuthoring instances store their flows in a database that is protected by weaker than expected cryptographic algorithms that could be decrypted by a local user."
                }
              ],
              "value": "IBM App Connect Enterprise Certified Container 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, 12.8, 12.9, and 12.10 DesignerAuthoring instances store their flows in a database that is protected by weaker than expected cryptographic algorithms that could be decrypted by a local user."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-521",
                  "description": "CWE-521 Weak Password Requirements",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-31T01:27:51.511Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7233054"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM strongly suggests the following:\nApp Connect Enterprise Certified Container up to 12.10.0 (Continuous Delivery)\n\nUpgrade to App Connect Enterprise Certified Container Operator version 12.11.0 or higher, and ensure that all DesignerAuthoring components are at 13.0.3.0-r1 or higher.  Documentation on the upgrade process is available at \u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://www.ibm.com/docs/en/app-connect/13.0?topic=releases-upgrading-operator\"\u003ewww.ibm.com/docs/en/app-connect/13.0?topic=releases-upgrading-operator\u003c/a\u003e\n\n\nApp Connect Enterprise Certified Container 12.0 LTS (Long Term Support)\n\nUpgrade to App Connect Enterprise Certified Container Operator version 12.0.11 or higher, and ensure that all DesignerAuthoring components are at 12.0.12-r11 or higher.  Documentation on the upgrade process is available at \u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://www.ibm.com/docs/en/app-connect/12.0?topic=umfpr-upgrading-operator-releases\"\u003ewww.ibm.com/docs/en/app-connect/12.0?topic=umfpr-upgrading-operator-releases\u003c/a\u003e"
                }
              ],
              "value": "IBM strongly suggests the following:\nApp Connect Enterprise Certified Container up to 12.10.0 (Continuous Delivery)\n\nUpgrade to App Connect Enterprise Certified Container Operator version 12.11.0 or higher, and ensure that all DesignerAuthoring components are at 13.0.3.0-r1 or higher.  Documentation on the upgrade process is available at  www.ibm.com/docs/en/app-connect/13.0?topic=releases-upgrading-operator http://www.ibm.com/docs/en/app-connect/13.0 \n\n\nApp Connect Enterprise Certified Container 12.0 LTS (Long Term Support)\n\nUpgrade to App Connect Enterprise Certified Container Operator version 12.0.11 or higher, and ensure that all DesignerAuthoring components are at 12.0.12-r11 or higher.  Documentation on the upgrade process is available at  www.ibm.com/docs/en/app-connect/12.0?topic=umfpr-upgrading-operator-releases http://www.ibm.com/docs/en/app-connect/12.0"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM App Connect Enterprise Certified Container information disclosure",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2025-1993",
        "datePublished": "2025-05-09T17:12:10.041Z",
        "dateReserved": "2025-03-05T16:10:31.630Z",
        "dateUpdated": "2025-08-31T01:27:51.511Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-52362 (GCVE-0-2024-52362)

    Vulnerability from nvd – Published: 2025-03-12 14:04 – Updated: 2025-09-01 01:06
    VLAI
    Title
    IBM App Connect Enterprise Certified Container denial of service
    Summary
    IBM App Connect Enterprise Certified Container 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, and 12.8 could allow an authenticated user to cause a denial of service in the App Connect flow due to improper validation of server-side input.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1286 - Improper Validation of Syntactic Correctness of Input
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7185527 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM App Connect Enterprise Certified Container Affected: 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, 12.8
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:7.2:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.1:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.2:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.1:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.2:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.1:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.1:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.2:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.3:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.4:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.5:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.6:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.1:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.2:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.3:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.4:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.5:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.6:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.7:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.8:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-52362",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-12T15:13:55.785610Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-12T15:14:08.280Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:7.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.8:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "App Connect Enterprise Certified Container",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, 12.8"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM App Connect Enterprise Certified Container 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, and 12.8 could allow an authenticated user to cause a denial of service in the App Connect flow due to improper validation of server-side input."
                }
              ],
              "value": "IBM App Connect Enterprise Certified Container 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, and 12.8 could allow an authenticated user to cause a denial of service in the App Connect flow due to improper validation of server-side input."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1286",
                  "description": "CWE-1286 Improper Validation of Syntactic Correctness of Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-01T01:06:08.715Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7185527"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM App Connect Enterprise Certified Container denial of service",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2024-52362",
        "datePublished": "2025-03-12T14:04:10.525Z",
        "dateReserved": "2024-11-10T16:11:09.567Z",
        "dateUpdated": "2025-09-01T01:06:08.715Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-13490 (GCVE-0-2025-13490)

    Vulnerability from cvelistv5 – Published: 2026-03-03 19:58 – Updated: 2026-03-04 21:16
    VLAI
    Title
    IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that report metrics are vulnerable to loss of confidentiality
    Summary
    IBM App Connect Operator versions CD 11.3.0 through 11.6.0 and 12.1.0 through 12.20.0, LTS versions 12.0.0 through 12.0.20, and IBM App Connect Enterprise Certified Containers Operands versions CD 12.0.11.2‑r1 through 12.0.12.5‑r1 and 13.0.1.0‑r1 through 13.0.6.1‑r1, and LTS versions 12.0.12‑r1 through 12.0.12‑r20, contain a vulnerability in which the IBM App Connect Enterprise Certified Container transmits data in clear text, potentially allowing an attacker to intercept and obtain sensitive information through man‑in‑the‑middle techniques.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-319 - Cleartext Transmission of Sensitive Information
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7262271 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM App Connect Operator Affected: CD:11.3.0 , ≤ 11.6.0, 12.1.0 - 12.20.112.0 LTS:12.0.0 - 12.0.20 (semver)
        cpe:2.3:a:ibm:app_connect_operator:cd:11.3.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_operator:11.6.0:*:*:*:*:*:*:*
    Create a notification for this product.
    IBM App Connect EnterpriseCertified Containers Operands Affected: CD:12.0.11.2 , ≤ r1 - 12.0.12.5-r1, 13.0.1.0-r1 - 13.0.6.1-r112.0 LTS:12.0.12-r1 - 12.0.12-r20 (semver)
        cpe:2.3:a:ibm:app_connect_enterprisecertified_containers_operands:cd:12.0.11.2:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprisecertified_containers_operands:r1:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-13490",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-03-04T21:16:16.704130Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-319",
                    "description": "CWE-319 Cleartext Transmission of Sensitive Information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-03-04T21:16:34.932Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:app_connect_operator:cd:11.3.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_operator:11.6.0:*:*:*:*:*:*:*"
              ],
              "product": "App Connect Operator",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "11.6.0, 12.1.0 - 12.20.112.0 LTS:12.0.0 - 12.0.20",
                  "status": "affected",
                  "version": "CD:11.3.0",
                  "versionType": "semver"
                }
              ]
            },
            {
              "cpes": [
                "cpe:2.3:a:ibm:app_connect_enterprisecertified_containers_operands:cd:12.0.11.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprisecertified_containers_operands:r1:*:*:*:*:*:*:*"
              ],
              "product": "App Connect EnterpriseCertified Containers Operands",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "r1 - 12.0.12.5-r1, 13.0.1.0-r1 - 13.0.6.1-r112.0 LTS:12.0.12-r1 - 12.0.12-r20",
                  "status": "affected",
                  "version": "CD:12.0.11.2",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM App Connect Operator versions CD 11.3.0 through 11.6.0 and 12.1.0 through 12.20.0, LTS versions 12.0.0 through 12.0.20, and IBM App Connect Enterprise Certified Containers Operands versions CD 12.0.11.2\u2011r1 through 12.0.12.5\u2011r1 and 13.0.1.0\u2011r1 through 13.0.6.1\u2011r1, and LTS versions 12.0.12\u2011r1 through 12.0.12\u2011r20, contain a vulnerability in which the IBM App Connect Enterprise Certified Container transmits data in clear text, potentially allowing an attacker to intercept and obtain sensitive information through man\u2011in\u2011the\u2011middle techniques.\u003c/p\u003e"
                }
              ],
              "value": "IBM App Connect Operator versions CD 11.3.0 through 11.6.0 and 12.1.0 through 12.20.0, LTS versions 12.0.0 through 12.0.20, and IBM App Connect Enterprise Certified Containers Operands versions CD 12.0.11.2\u2011r1 through 12.0.12.5\u2011r1 and 13.0.1.0\u2011r1 through 13.0.6.1\u2011r1, and LTS versions 12.0.12\u2011r1 through 12.0.12\u2011r20, contain a vulnerability in which the IBM App Connect Enterprise Certified Container transmits data in clear text, potentially allowing an attacker to intercept and obtain sensitive information through man\u2011in\u2011the\u2011middle techniques."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-03-03T20:00:25.401Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7262271"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eIBM strongly suggests the following:\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eApp Connect Enterprise Certified Container up to 12.20.1 (Continuous Delivery)\u003c/strong\u003e\u003c/p\u003e\u003cp\u003eUpgrade to App Connect Enterprise Certified Container Operator version 12.21.0 or higher, and ensure that all DesignerAuthoring, IntegrationServer and IntegrationRuntime components are at 13.0.6.2-r1 or higher. \u0026nbsp;Documentation on the upgrade process is available at \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/docs/en/app-connect/13.0?topic=releases-upgrading-operator\"\u003ehttps://www.ibm.com/docs/en/app-connect/13.0?topic=releases-upgrading-operator\u003c/a\u003e\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003cstrong\u003eApp Connect Enterprise Certified Container 12.0 LTS (Long Term Support)\u003c/strong\u003e\u003c/p\u003e\u003cp\u003eUpgrade to App Connect Enterprise Certified Container Operator version 12.0.21 or higher, and ensure that all DesignerAuthoring, IntegrationServer and IntegrationRuntime components are at 12.0.12-r21 or higher. \u0026nbsp;Documentation on the upgrade process is available at \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/docs/en/app-connect/12.0?topic=umfpr-upgrading-operator-releases\"\u003ehttps://www.ibm.com/docs/en/app-connect/12.0?topic=umfpr-upgrading-operator-releases\u003c/a\u003e\u003c/p\u003e\u003cbr\u003e"
                }
              ],
              "value": "IBM strongly suggests the following:\n\nApp Connect Enterprise Certified Container up to 12.20.1 (Continuous Delivery)\n\nUpgrade to App Connect Enterprise Certified Container Operator version 12.21.0 or higher, and ensure that all DesignerAuthoring, IntegrationServer and IntegrationRuntime components are at 13.0.6.2-r1 or higher. \u00a0Documentation on the upgrade process is available at  https://www.ibm.com/docs/en/app-connect/13.0?topic=releases-upgrading-operator \n\n\nApp Connect Enterprise Certified Container 12.0 LTS (Long Term Support)\n\nUpgrade to App Connect Enterprise Certified Container Operator version 12.0.21 or higher, and ensure that all DesignerAuthoring, IntegrationServer and IntegrationRuntime components are at 12.0.12-r21 or higher. \u00a0Documentation on the upgrade process is available at  https://www.ibm.com/docs/en/app-connect/12.0?topic=umfpr-upgrading-operator-releases"
            }
          ],
          "title": "IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that report metrics are vulnerable to loss of confidentiality",
          "x_generator": {
            "engine": "ibm-cvegen"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2025-13490",
        "datePublished": "2026-03-03T19:58:18.375Z",
        "dateReserved": "2025-11-20T20:33:14.629Z",
        "dateUpdated": "2026-03-04T21:16:34.932Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-36133 (GCVE-0-2025-36133)

    Vulnerability from cvelistv5 – Published: 2025-09-01 11:56 – Updated: 2025-09-02 20:33
    VLAI
    Title
    IBM App Connect Enterprise information disclosure
    Summary
    IBM App Connect Enterprise Certified Container CD: 9.2.0 through 11.6.0, 12.1.0 through 12.14.0, and 12.0 LTS: 12.0.0 through 12.0.14stores potentially sensitive information in log files during installation that could be read by a local user on the container.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-532 - Insertion of Sensitive Information into Log File
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7243690 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM App Connect Enterprise Certified Container Affected: 9.2.0 , ≤ 11.6.0 (semver)
    Affected: 12.0.0 , ≤ 12.0.14 (semver)
    Affected: 12.1.0 , ≤ 12.14.0 (semver)
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.2:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.0:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.1:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.0:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.1:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.2:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.3:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.4:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.5:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.6:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.0:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.1:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.2:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.3:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.4:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.5:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.6:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.7:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.8:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.9:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.10:-:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-36133",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-02T20:33:20.745830Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-02T20:33:30.540Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.2:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.0:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.1:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.0:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.1:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.2:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.3:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.4:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.5:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.6:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.0:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.1:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.2:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.3:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.4:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.5:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.6:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.7:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.8:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.9:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.10:-:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "App Connect Enterprise Certified Container",
              "vendor": "IBM",
              "versions": [
                {
                  "lessThanOrEqual": "11.6.0",
                  "status": "affected",
                  "version": "9.2.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.0.14",
                  "status": "affected",
                  "version": "12.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "12.14.0",
                  "status": "affected",
                  "version": "12.1.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM App Connect Enterprise Certified Container CD: 9.2.0 through 11.6.0, 12.1.0 through 12.14.0, and\u0026nbsp;12.0 LTS: 12.0.0 through 12.0.14stores potentially sensitive information in log files during installation that could be read by a local user on the container."
                }
              ],
              "value": "IBM App Connect Enterprise Certified Container CD: 9.2.0 through 11.6.0, 12.1.0 through 12.14.0, and\u00a012.0 LTS: 12.0.0 through 12.0.14stores potentially sensitive information in log files during installation that could be read by a local user on the container."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-532",
                  "description": "CWE-532 Insertion of Sensitive Information into Log File",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-01T11:56:19.981Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7243690"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM App Connect Enterprise information disclosure",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2025-36133",
        "datePublished": "2025-09-01T11:56:19.981Z",
        "dateReserved": "2025-04-15T21:16:19.007Z",
        "dateUpdated": "2025-09-02T20:33:30.540Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-1993 (GCVE-0-2025-1993)

    Vulnerability from cvelistv5 – Published: 2025-05-09 17:12 – Updated: 2025-08-31 01:27
    VLAI
    Title
    IBM App Connect Enterprise Certified Container information disclosure
    Summary
    IBM App Connect Enterprise Certified Container 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, 12.8, 12.9, and 12.10 DesignerAuthoring instances store their flows in a database that is protected by weaker than expected cryptographic algorithms that could be decrypted by a local user.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-521 - Weak Password Requirements
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7233054 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM App Connect Enterprise Certified Container Affected: 8.1
    Affected: 8.2
    Affected: 9.0
    Affected: 9.1
    Affected: 9.2
    Affected: 10.0
    Affected: 10.1
    Affected: 11.0
    Affected: 11.1
    Affected: 11.2
    Affected: 11.3
    Affected: 11.4
    Affected: 11.5
    Affected: 11.6
    Affected: 12.0
    Affected: 12.1
    Affected: 12.2
    Affected: 12.3
    Affected: 12.4
    Affected: 12.5
    Affected: 12.6
    Affected: 12.7
    Affected: 12.8
    Affected: 12.9
    Affected: 12.10
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.1:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.2:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.0:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.1:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.2:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.0:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.1:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.0:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.1:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.2:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.3:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.4:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.5:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.6:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.0:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.1:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.2:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.3:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.4:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.5:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.6:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.7:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.8:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.9:-:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.10:-:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-1993",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-05-09T19:27:49.855326Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-05-09T19:41:57.728Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.1:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.2:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.0:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.1:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.2:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.0:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.1:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.0:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.1:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.2:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.3:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.4:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.5:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.6:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.0:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.1:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.2:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.3:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.4:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.5:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.6:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.7:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.8:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.9:-:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.10:-:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "App Connect Enterprise Certified Container",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "8.1"
                },
                {
                  "status": "affected",
                  "version": "8.2"
                },
                {
                  "status": "affected",
                  "version": "9.0"
                },
                {
                  "status": "affected",
                  "version": "9.1"
                },
                {
                  "status": "affected",
                  "version": "9.2"
                },
                {
                  "status": "affected",
                  "version": "10.0"
                },
                {
                  "status": "affected",
                  "version": "10.1"
                },
                {
                  "status": "affected",
                  "version": "11.0"
                },
                {
                  "status": "affected",
                  "version": "11.1"
                },
                {
                  "status": "affected",
                  "version": "11.2"
                },
                {
                  "status": "affected",
                  "version": "11.3"
                },
                {
                  "status": "affected",
                  "version": "11.4"
                },
                {
                  "status": "affected",
                  "version": "11.5"
                },
                {
                  "status": "affected",
                  "version": "11.6"
                },
                {
                  "status": "affected",
                  "version": "12.0"
                },
                {
                  "status": "affected",
                  "version": "12.1"
                },
                {
                  "status": "affected",
                  "version": "12.2"
                },
                {
                  "status": "affected",
                  "version": "12.3"
                },
                {
                  "status": "affected",
                  "version": "12.4"
                },
                {
                  "status": "affected",
                  "version": "12.5"
                },
                {
                  "status": "affected",
                  "version": "12.6"
                },
                {
                  "status": "affected",
                  "version": "12.7"
                },
                {
                  "status": "affected",
                  "version": "12.8"
                },
                {
                  "status": "affected",
                  "version": "12.9"
                },
                {
                  "status": "affected",
                  "version": "12.10"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM App Connect Enterprise Certified Container 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, 12.8, 12.9, and 12.10 DesignerAuthoring instances store their flows in a database that is protected by weaker than expected cryptographic algorithms that could be decrypted by a local user."
                }
              ],
              "value": "IBM App Connect Enterprise Certified Container 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, 12.8, 12.9, and 12.10 DesignerAuthoring instances store their flows in a database that is protected by weaker than expected cryptographic algorithms that could be decrypted by a local user."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 5.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-521",
                  "description": "CWE-521 Weak Password Requirements",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-08-31T01:27:51.511Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7233054"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM strongly suggests the following:\nApp Connect Enterprise Certified Container up to 12.10.0 (Continuous Delivery)\n\nUpgrade to App Connect Enterprise Certified Container Operator version 12.11.0 or higher, and ensure that all DesignerAuthoring components are at 13.0.3.0-r1 or higher.  Documentation on the upgrade process is available at \u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://www.ibm.com/docs/en/app-connect/13.0?topic=releases-upgrading-operator\"\u003ewww.ibm.com/docs/en/app-connect/13.0?topic=releases-upgrading-operator\u003c/a\u003e\n\n\nApp Connect Enterprise Certified Container 12.0 LTS (Long Term Support)\n\nUpgrade to App Connect Enterprise Certified Container Operator version 12.0.11 or higher, and ensure that all DesignerAuthoring components are at 12.0.12-r11 or higher.  Documentation on the upgrade process is available at \u003ca target=\"_blank\" rel=\"nofollow\" href=\"http://www.ibm.com/docs/en/app-connect/12.0?topic=umfpr-upgrading-operator-releases\"\u003ewww.ibm.com/docs/en/app-connect/12.0?topic=umfpr-upgrading-operator-releases\u003c/a\u003e"
                }
              ],
              "value": "IBM strongly suggests the following:\nApp Connect Enterprise Certified Container up to 12.10.0 (Continuous Delivery)\n\nUpgrade to App Connect Enterprise Certified Container Operator version 12.11.0 or higher, and ensure that all DesignerAuthoring components are at 13.0.3.0-r1 or higher.  Documentation on the upgrade process is available at  www.ibm.com/docs/en/app-connect/13.0?topic=releases-upgrading-operator http://www.ibm.com/docs/en/app-connect/13.0 \n\n\nApp Connect Enterprise Certified Container 12.0 LTS (Long Term Support)\n\nUpgrade to App Connect Enterprise Certified Container Operator version 12.0.11 or higher, and ensure that all DesignerAuthoring components are at 12.0.12-r11 or higher.  Documentation on the upgrade process is available at  www.ibm.com/docs/en/app-connect/12.0?topic=umfpr-upgrading-operator-releases http://www.ibm.com/docs/en/app-connect/12.0"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM App Connect Enterprise Certified Container information disclosure",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2025-1993",
        "datePublished": "2025-05-09T17:12:10.041Z",
        "dateReserved": "2025-03-05T16:10:31.630Z",
        "dateUpdated": "2025-08-31T01:27:51.511Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-52362 (GCVE-0-2024-52362)

    Vulnerability from cvelistv5 – Published: 2025-03-12 14:04 – Updated: 2025-09-01 01:06
    VLAI
    Title
    IBM App Connect Enterprise Certified Container denial of service
    Summary
    IBM App Connect Enterprise Certified Container 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, and 12.8 could allow an authenticated user to cause a denial of service in the App Connect flow due to improper validation of server-side input.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-1286 - Improper Validation of Syntactic Correctness of Input
    Assigner
    ibm
    References
    URL Tags
    https://www.ibm.com/support/pages/node/7185527 vendor-advisorypatch
    Impacted products
    Vendor Product Version
    IBM App Connect Enterprise Certified Container Affected: 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, 12.8
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:7.2:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.1:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.2:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.1:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.2:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.1:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.1:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.2:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.3:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.4:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.5:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.6:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.0:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.1:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.2:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.3:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.4:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.5:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.6:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.7:*:*:*:*:*:*:*
        cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.8:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-52362",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-12T15:13:55.785610Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-12T15:14:08.280Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "cpes": [
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:7.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.0:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.1:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.2:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.3:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.4:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.5:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.6:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.7:*:*:*:*:*:*:*",
                "cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.8:*:*:*:*:*:*:*"
              ],
              "defaultStatus": "unaffected",
              "product": "App Connect Enterprise Certified Container",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, 12.8"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "IBM App Connect Enterprise Certified Container 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, and 12.8 could allow an authenticated user to cause a denial of service in the App Connect flow due to improper validation of server-side input."
                }
              ],
              "value": "IBM App Connect Enterprise Certified Container 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, and 12.8 could allow an authenticated user to cause a denial of service in the App Connect flow due to improper validation of server-side input."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 4.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-1286",
                  "description": "CWE-1286 Improper Validation of Syntactic Correctness of Input",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-09-01T01:06:08.715Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory",
                "patch"
              ],
              "url": "https://www.ibm.com/support/pages/node/7185527"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "IBM App Connect Enterprise Certified Container denial of service",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2024-52362",
        "datePublished": "2025-03-12T14:04:10.525Z",
        "dateReserved": "2024-11-10T16:11:09.567Z",
        "dateUpdated": "2025-09-01T01:06:08.715Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }