IBM App Connect Enterprise 13.0.1.0 through 13.0.7.2, and 12.0.1.0 through 12.0.12.26 and IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.7 is vulnerable to SQL injection. A remote attacker could socially engineer a user into accidentally creating files they may not be aware of.
oryginał ENCVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:NIBM App Connect Enterprise
APPIbm12.0.1.0 – 12.0.12.27 (bez)13.0.1.0 – 13.0.8.0 (bez)IBM Integration Bus
APPIbm10.1.0.0 – 10.1.0.7IBM Z\/os
OSIbmwszystkie wersje
Powiązane podatności
RCE w IBM WebSphere Application Server przez niebezpieczną deserializację
IBM App Connect Enterprise — brak limitu prób uwierzytelnienia (DoS/ujawnienie danych)
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow...
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow...
SAS XML Mapper 9.45 has an XML External Entity (XXE) vulnerability that can be leveraged by malicious attacker...