← Voltar para CVEs
CVE-2025-13490
MEDIUM5.9
Descricao
IBM App Connect Operator versions CD 11.3.0 through 11.6.0 and 12.1.0 through 12.20.0, LTS versions 12.0.0 through 12.0.20, and IBM App Connect Enterprise Certified Containers Operands versions CD 12.0.11.2‑r1 through 12.0.12.5‑r1 and 13.0.1.0‑r1 through 13.0.6.1‑r1, and LTS versions 12.0.12‑r1 through 12.0.12‑r20, contain a vulnerability in which the IBM App Connect Enterprise Certified Container transmits data in clear text, potentially allowing an attacker to intercept and obtain sensitive information through man‑in‑the‑middle techniques.
Detalhes CVE
Pontuacao CVSS v3.15.9
SeveridadeMEDIUM
Vetor CVSSCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Vetor de ataqueNETWORK
ComplexidadeHIGH
Privilegios necessariosNONE
Interacao do usuarioNONE
Publicado3/3/2026
Ultima modificacao3/4/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
ibm:app_connect_enterprise_certified_containers_operandsibm:app_connect_operator
Fraquezas (CWE)
CWE-319CWE-319
Referencias
https://www.ibm.com/support/pages/node/7262271(psirt@us.ibm.com)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.