IBM App Connect Enterprise Vulnerability: Authenticated User Access to Sensitive User Information via Expired Access Token
CVE-2024-31895
4.3MEDIUM
Summary
IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IBM X-Force ID: 288176.
Affected Version(s)
App Connect Enterprise <= 12.0.12.1
CVSS V3.1
Score:
4.3
Severity:
MEDIUM
Confidentiality:
LOW
Integrity:
NONE
Availability:
NONE
Attack Complexity:
LOW
Privileges Required:
LOW
User Interaction:
NONE
Scope:
UNCHANGED
Timeline
Risk change from: null to: 4.3 - (MEDIUM)
Vulnerability published.
Collectors
NVD DatabaseMitre Database