CVE-2022-42439

IBM App Connect Enterprise 11.0.0.17 through 11.0.0.19 and 12.0.4.0 and 12.0.5.0 contains an unspecified vulnerability in the Discovery Connector nodes which may cause a 3rd party system’s credentials to be exposed to a privileged attacker. IBM X-Force ID: 238211.

Published: Feb 6, 2023
Updated: Nov 8, 2023
CVE: CVE-2022-42439
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.9
AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-200
CWE-532

Affected Software
References

Software	From	Fixed in
ibm / app_connect_enterprise	11.0.0.17	11.0.0.19.x
ibm / app_connect_enterprise	12.0.4.0	12.0.4.0.x
ibm / app_connect_enterprise	12.0.5.0	12.0.5.0.x
ibm / app_connect_enterprise_certified_container	4.1	4.1.x
ibm / app_connect_enterprise_certified_container	4.2	4.2.x
ibm / app_connect_enterprise_certified_container	5.0	5.0.x
ibm / app_connect_enterprise_certified_container	5.1	5.1.x
ibm / app_connect_enterprise_certified_container	5.2	5.2.x
ibm / app_connect_enterprise_certified_container	6.0	6.0.x

https://exchange.xforce.ibmcloud.com/vulnerabilities/238211
https://www.ibm.com/support/pages/node/6952435

Vulnerability Database

CVE-2022-42439