FKIE_CVE-2025-13490
Vulnerability from fkie_nvd - Published: 2026-03-03 20:16 - Updated: 2026-03-04 22:16
Severity ?
Summary
IBM App Connect Operator versions CD 11.3.0 through 11.6.0 and 12.1.0 through 12.20.0, LTS versions 12.0.0 through 12.0.20, and IBM App Connect Enterprise Certified Containers Operands versions CD 12.0.11.2‑r1 through 12.0.12.5‑r1 and 13.0.1.0‑r1 through 13.0.6.1‑r1, and LTS versions 12.0.12‑r1 through 12.0.12‑r20, contain a vulnerability in which the IBM App Connect Enterprise Certified Container transmits data in clear text, potentially allowing an attacker to intercept and obtain sensitive information through man‑in‑the‑middle techniques.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@us.ibm.com | https://www.ibm.com/support/pages/node/7262271 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.11.2:r1:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "3674885C-E41E-432D-B54D-8237AE28F0BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.11.3:r1:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "8DD9CC74-88BD-4DD5-8D32-FCC376058B75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r1:*:*:lts:*:*:*",
"matchCriteriaId": "860DA805-3E6F-4191-B519-F22C6C291F47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r10:*:*:lts:*:*:*",
"matchCriteriaId": "E2786164-890F-4D0E-BDA3-B5EAA2FDC171",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r11:*:*:lts:*:*:*",
"matchCriteriaId": "029C5F3F-413C-4EA0-AD61-6AD31A3D3C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r12:*:*:lts:*:*:*",
"matchCriteriaId": "C30D0EC6-8216-4CB6-BA00-4F5A8E6A2038",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r13:*:*:lts:*:*:*",
"matchCriteriaId": "FE21108C-186A-4153-9A2D-E60755D336B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r14:*:*:lts:*:*:*",
"matchCriteriaId": "0BEB718B-B6E8-4B9A-B415-1A0B79F355EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r15:*:*:lts:*:*:*",
"matchCriteriaId": "515CBDE7-7561-44B0-980B-8397BCDDEE41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r16:*:*:lts:*:*:*",
"matchCriteriaId": "BB1FD58D-A910-4725-8DF3-8110717D16CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r17:*:*:lts:*:*:*",
"matchCriteriaId": "C9269D22-86F2-4E77-944F-D287280AEC5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r18:*:*:lts:*:*:*",
"matchCriteriaId": "270A427B-627D-4495-84A3-8230C15F5614",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r19:*:*:lts:*:*:*",
"matchCriteriaId": "3DDFDBE0-9383-49E9-AB27-6CB79260AABE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r2:*:*:lts:*:*:*",
"matchCriteriaId": "39CD3717-414D-459B-97E5-D5E3E716F802",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r20:*:*:lts:*:*:*",
"matchCriteriaId": "63A974CD-2F88-46DF-876D-0F60C7A430D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r3:*:*:lts:*:*:*",
"matchCriteriaId": "55611B27-925F-4B7F-A27F-EA09DBD16B18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r4:*:*:lts:*:*:*",
"matchCriteriaId": "36DF4E1E-239A-41EC-88B4-56706C1520FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r5:*:*:lts:*:*:*",
"matchCriteriaId": "11EB2D3E-6344-4176-8877-FD5DCAC6B54B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r6:*:*:lts:*:*:*",
"matchCriteriaId": "8FD86660-3B6F-497F-B2FB-93E4E5E6A6B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r7:*:*:lts:*:*:*",
"matchCriteriaId": "89564F3C-AE15-47C7-A18B-B222BD66AA48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r8:*:*:lts:*:*:*",
"matchCriteriaId": "2CBFAF71-B95D-4A7D-9DB8-D1DBC963E4F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12:r9:*:*:lts:*:*:*",
"matchCriteriaId": "66D6C709-E8AC-49F4-B55C-EB1B91CA7FC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12.0:r1:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "1CF7327E-91B2-49E7-A97E-65E9401C5806",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12.0:r2:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "26B3C29C-08D8-488F-BBD1-C4159ABD9397",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12.2:r1:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "787A0E1D-1373-4C8C-AC51-1776856626C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12.3:r1:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "2F4C1A59-9BA7-42D4-80A2-552A36A84197",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12.4:r1:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "832B1D5A-C1BC-4179-8BA2-8CDFDD2F64A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12.5:r1:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "D0A177C3-85CB-4755-BB31-A70E0217473B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.1.0:r1:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "7DC9D362-0F22-44F1-A9AC-5B644CE76ACA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.1.0:r2:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "D19BBB5F-1868-42D5-A937-CD9F027633B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.1.1:r1:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "853A9A65-421B-49D1-96E9-70E8A9BF4BA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.2.0:r1:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "40D63040-48B8-4067-ABE7-C6ED3D388FEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.2.1:r1:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "37AE3E6F-C42E-43C8-AD49-72D25CCD39A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.2.2:r1:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "BABCDF37-745E-4C6D-85E0-C406A4C825FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.2.2:r2:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "1D517F13-8FE4-4EB0-979E-7CDB057D8361",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.3.0:r1:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "1A2D8FCF-795D-44B8-BE82-0853EF60D196",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.3.1:r1:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "850D1DA1-4790-42E9-9207-59A3A0FDDE06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.4.0:r1:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "8ECFD3A2-481A-4FDA-BE46-3663B7936D90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.4.1:r1:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "621D35CC-EF98-4E09-AE41-8B0288842EFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.4.2:r1:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "73F04574-95A9-4E4B-B6EA-027929BA99F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.5.0:r1:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "16628E77-7CD0-4819-985D-F156957BEC0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.5.1:r1:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "F4151A1D-99DA-4227-B8A9-321BA1BBCE18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.5.2:r1:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "C3E4B20A-044B-41E7-AD34-92C64469E19A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.6.0:r1:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "E097F753-2F13-42E3-8B5A-3DE3A78E6B91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.6.1:r1:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "9F134C81-BDFB-4009-9F1C-AEB9AB03DF4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_operator:*:*:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "CE03393A-C7E5-4D2C-A713-F4EBC7A4EAF7",
"versionEndIncluding": "11.6.0",
"versionStartIncluding": "11.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_operator:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "3A520B81-D470-4928-B0CF-8348CC76E75A",
"versionEndIncluding": "12.0.20",
"versionStartIncluding": "12.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:app_connect_operator:*:*:*:*:continuous_delivery:*:*:*",
"matchCriteriaId": "BEAF81DB-4E3D-4F7A-A468-0FB28FE310F8",
"versionEndIncluding": "12.20.1",
"versionStartIncluding": "12.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM App Connect Operator versions CD 11.3.0 through 11.6.0 and 12.1.0 through 12.20.0, LTS versions 12.0.0 through 12.0.20, and IBM App Connect Enterprise Certified Containers Operands versions CD 12.0.11.2\u2011r1 through 12.0.12.5\u2011r1 and 13.0.1.0\u2011r1 through 13.0.6.1\u2011r1, and LTS versions 12.0.12\u2011r1 through 12.0.12\u2011r20, contain a vulnerability in which the IBM App Connect Enterprise Certified Container transmits data in clear text, potentially allowing an attacker to intercept and obtain sensitive information through man\u2011in\u2011the\u2011middle techniques."
},
{
"lang": "es",
"value": "Las versiones de IBM App Connect Operator CD 11.3.0 a 11.6.0 y 12.1.0 a 12.20.0, las versiones LTS 12.0.0 a 12.0.20, y las versiones de Operandos de IBM App Connect Enterprise Certified Containers CD 12.0.11.2?r1 a 12.0.12.5?r1 y 13.0.1.0?r1 a 13.0.6.1?r1, y las versiones LTS 12.0.12?r1 a 12.0.12?r20, contienen una vulnerabilidad en la que el Contenedor Certificado de IBM App Connect Enterprise transmite datos en texto claro, lo que podr\u00eda permitir a un atacante interceptar y obtener informaci\u00f3n sensible mediante t\u00e9cnicas de intermediario."
}
],
"id": "CVE-2025-13490",
"lastModified": "2026-03-04T22:16:11.060",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "psirt@us.ibm.com",
"type": "Secondary"
}
]
},
"published": "2026-03-03T20:16:42.013",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/pages/node/7262271"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-319"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-319"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…