CVE-2024-49338

CWE-13233 documents3 sources
Severity
4.9MEDIUM
EPSS
0.1%
top 76.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM APP Connect Enterprise
Timeline
PublishedJan 18

Description

IBM App Connect Enterprise 12.0.1.0 through 12.0.7.0and 13.0.1.0 under certain configurations could allow a privileged user to obtain JMS credentials.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.7 | Impact: 3.6

Affected Packages2 packages

NVDibm/app_connect_enterprise12.0.1.012.0.12.8+1
CVEListV5ibm/app_connect_enterprise12.0.1.012.0.7.0+1

🔴Vulnerability Details

2
CVEList
IBM App Connect Enterprise information disclosure2025-01-18
GHSA
GHSA-gqxf-64xx-wpj9: IBM App Connect Enterprise 122025-01-18
CVE-2024-49338 (MEDIUM CVSS 4.9) | IBM App Connect Enterprise 12.0.1.0 | cvebase.io