MEDIUM🇬🇧 English

CVE-2024-31895

CVSS 4.3v3.1pub. 2024-05-22upd. 2025-01-08

IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IBM X-Force ID: 288176.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
  • IBM App Connect Enterprise

    APP
    Ibm
    12.0.1.0 – 12.0.12.2 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2024-22317CRITICAL9.1PL ✓ten sam produkt

IBM App Connect Enterprise — brak limitu prób uwierzytelnienia (DoS/ujawnienie danych)

CVE-2026-3602MEDIUM4.7ten sam produkt

IBM App Connect Enterprise 13.0.1.0 through 13.0.7.2, and 12.0.1.0 through 12.0.12.26 and IBM Integration Bus ...

CVE-2026-5515MEDIUM5.5ten sam produkt

IBM App Connect Enterprise 13.0.1.0 through 13.0.7.0 stores potentially sensitive information in log files tha...

CVE-2025-36361MEDIUM6.3ten sam produkt

IBM App Connect Enterprise 13.0.1.0 through 13.0.4.2, and 12.0.1.0 through 12.0.12.17 could allow an authentic...

CVE-2025-0799MEDIUM6.5ten sam produkt

IBM App Connect enterprise 12.0.1.0 through 12.0.12.10 and 13.0.1.0 through 13.0.2.1 could allow an authentica...