IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, 1.3, 1.4 and 1.5 could disclose sensitive information to a local user when it is configured to use an IBM Cloud API key to connect to cloud-based connectors. IBM X-Force ID: 207630.
2021-10-08T18:15:07.537
2024-11-21T06:01:58.530
Modified
CVSSv3.1: 5.5 (MEDIUM)
AV:L/AC:M/Au:N/C:P/I:N/A:N
3.4
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | ibm | app_connect_enterprise_certified_container | 1.0.0 | Yes |
| Application | ibm | app_connect_enterprise_certified_container | 1.1.0 | Yes |
| Application | ibm | app_connect_enterprise_certified_container | 1.2.0 | Yes |
| Application | ibm | app_connect_enterprise_certified_container | 1.3.0 | Yes |
| Application | ibm | app_connect_enterprise_certified_container | 1.4.0 | Yes |
| Application | ibm | app_connect_enterprise_certified_container | 1.5.0 | Yes |
| Application | redhat | openshift | - | No |