CVE-2025-1993

Medium CVSS: 5.1

IBM App Connect Enterprise Certified Container 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, 12.8, 12.9, and 12.10 DesignerAuthoring instances store their flows in a database that is protected by weaker than expected cryptographic algorithms that could be decrypted by a local user.

Vendor

Ibm

Product

App Connect Enterprise Certified Containers Operands

CWE

CWE-521

Yayın Tarihi

2025-05-09 18:16:04

Güncelleme

2025-08-20 02:46:19

Source Identifier

psirt@us.ibm.com

KEV Date Added

Kategoriler

CWE-521 App Connect Enterprise Certified Containers Operands MEDIUM Ibm 2025

Referanslar

https://www.ibm.com/support/pages/node/7233054

Benzer Kayıtlar

Low

CVE-2025-66487

IBM Aspera Shares 1.9.9 through 1.11.0 does not properly rate limit the frequency that an authenticated user can send em…

Medium

CVE-2025-66486

IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to HTML injection. A remote attacker could inject malicious HTML co…

Medium

CVE-2025-66485

IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to HTTP header injection, caused by improper validation of input by…

Medium

CVE-2025-66484

IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to…

Medium

CVE-2025-66483

IBM Aspera Shares 1.9.9 through 1.11.0 does not invalidate session after a password reset which could allow an authentic…

Medium

CVE-2025-36375

IBM DataPower Gateway 10.6CD 10.6.1.0 through 10.6.5.0 and IBM DataPower Gateway 10.5.0 10.5.0.0 through 10.5.0.20 and I…