IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IBM X-Force ID: 288176.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NIBM App Connect Enterprise
APPIbm12.0.1.0 – 12.0.12.2 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Related vulnerabilities
CVE-2024-22317CRITICAL9.1PL ✓ten sam produkt
IBM App Connect Enterprise — brak limitu prób uwierzytelnienia (DoS/ujawnienie danych)
CVE-2026-3602MEDIUM4.7ten sam produkt
IBM App Connect Enterprise 13.0.1.0 through 13.0.7.2, and 12.0.1.0 through 12.0.12.26 and IBM Integration Bus ...
CVE-2026-5515MEDIUM5.5ten sam produkt
IBM App Connect Enterprise 13.0.1.0 through 13.0.7.0 stores potentially sensitive information in log files tha...
CVE-2025-36361MEDIUM6.3ten sam produkt
IBM App Connect Enterprise 13.0.1.0 through 13.0.4.2, and 12.0.1.0 through 12.0.12.17 could allow an authentic...
CVE-2025-0799MEDIUM6.5ten sam produkt
IBM App Connect enterprise 12.0.1.0 through 12.0.12.10 and 13.0.1.0 through 13.0.2.1 could allow an authentica...