Network Egress Vulnerability in IBM App Connect Enterprise Certified Container
CVE-2022-43916

6.8MEDIUM

Key Information:

Vendor: IBM
Status: App Connect Enterprise Certified Container
Vendor: CVE Published:; 30 January 2025

Summary

A network egress vulnerability exists in IBM App Connect Enterprise Certified Container that allows Pods utilized for internal infrastructure to access egress traffic without proper restrictions. This could potentially expose sensitive data and allow unauthorized external communication from the internal network environment. Organizations are advised to implement security measures to limit network access and mitigate potential risks associated with this vulnerability.

Affected Version(s)

App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7

References

https://www.ibm.com/support/pages/node/7181916

vendor-advisory

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 30, 2025
Vulnerability Reserved
Oct 26, 2022