CVE-2022-42444Classic Buffer Overflow in IBM APP Connect Enterprise

CWE-120Classic Buffer OverflowCWE-121Stack-based Buffer Overflow3 documents3 sources
Severity
6.5MEDIUMNVD
CNA4.9
EPSS
0.2%
top 53.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM APP Connect Enterprise
Timeline
PublishedFeb 12

Description

IBM App Connect Enterprise 11.0.0.8 through 11.0.0.19 and 12.0.1.0 through 12.0.5.0 is vulnerable to a buffer overflow. A remote privileged user could overflow a buffer and cause the application to crash. IBM X-Force ID: 238538.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5ibm/app_connect_enterprise11.0.0.811.0.0.19+1
NVDibm/app_connect_enterprise11.0.0.811.0.0.19+1

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-j63j-9fw8-qxw3: IBM App Connect Enterprise 112023-02-12
CVEList
IBM App Connect Enterprise denial of service2023-02-06
CVE-2022-42444 — Classic Buffer Overflow in IBM | cvebase