CVE-2024-52362

CWE-12863 documents3 sources

Severity

6.5MEDIUM

EPSS

0.1%

top 71.69%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM APP Connect Operator IBM APP Connect Enterprise Certified Container IBM APP Connect Enterprise Certified Containers Operands

Timeline

PublishedMar 12

Description

IBM App Connect Enterprise Certified Container 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, and 12.8 could allow an authenticated user to cause a denial of service in the App Connect flow due to improper validation of server-side input.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:LExploitability: 2.8 | Impact: 1.4

Affected Packages3 packages

▶CVEListV5ibm/app_connect_enterprise_certified_container7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, 12.8

▶NVDibm/app_connect_enterprise_certified_containers_operands4 versions+3

▶NVDibm/app_connect_operator12.0.0 — 12.9.0 +3

🔴Vulnerability Details

CVEList

IBM App Connect Enterprise Certified Container denial of service↗2025-03-12

▶

GHSA

GHSA-97hp-c3p8-8ggc: IBM App Connect Enterprise Certified Container 7↗2025-03-12

▶