CVE-2025-13491

CWE-4263 documents3 sources
Severity
5.1MEDIUM
EPSS
0.0%
top 99.74%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM APP Connect Enterprise Certified Container
Timeline
PublishedFeb 5

Description

IBM App Connect Enterprise Certified Container CD: 11.2.0 through 11.6.0, 12.1.0 through 12.19.0 and 12.0 LTS: 12.0.0 through 12.0.19 could allow an attacker to access sensitive files or modify configurations due to an untrusted search path.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NExploitability: 2.5 | Impact: 2.5

Affected Packages1 packages

CVEListV5ibm/app_connect_enterprise_certified_container11.2.011.6.0+2

🔴Vulnerability Details

2
CVEList
IBM App Connect Enterprise Certified Container Information Disclosure2026-02-05
GHSA
GHSA-f4xv-648j-g6xj: IBM App Connect Enterprise Certified Container up to 122026-02-05
CVE-2025-13491 (MEDIUM CVSS 5.1) | IBM App Connect Enterprise Certifie | cvebase.io