Information Disclosure Vulnerability in IBM App Connect Enterprise Certified Container
CVE-2021-29906

5.1MEDIUM

Key Information:

Vendor: IBM
Status: App Connect Enterprise Certified Container
Vendor: CVE Published:; 8 October 2021

What is CVE-2021-29906?

The IBM App Connect Enterprise Certified Container version range 1.0 to 1.5 is prone to an information disclosure vulnerability. When configured with an IBM Cloud API key for connecting to various cloud-based connectors, it may inadvertently expose sensitive information to local users. It is crucial for organizations relying on this product to assess their configurations to prevent unintended data leaks and ensure robust security measures are in place to protect sensitive information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

App Connect Enterprise Certified Container 1.0.0

App Connect Enterprise Certified Container 1.0.1

App Connect Enterprise Certified Container 1.0.2

References

https://www.ibm.com/support/pages/node/6497177

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/207630

vdb-entryx_refsource_XF

CVSS V3.1

Score:

5.1

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Oct 8, 2021
Vulnerability Reserved
Mar 31, 2021

JSON

IBM

What is CVE-2021-29906?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.