IBM App Connect Enterprise Certified Container Network Egress Restriction Vulnerability

Vulnerability

A vulnerability exists in IBM App Connect Enterprise Certified Container Pods across multiple versions, including 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, and 12.7. These Pods do not properly restrict network egress for internal infrastructure, allowing unnecessary external access.

Impact

Exploitation of this vulnerability could lead to unauthorized external access from Pods intended for internal use, potentially allowing for data exfiltration or interaction with external services.

Remediation

Users are advised to upgrade to IBM App Connect Enterprise Certified Container Operator version 12.8.0 or higher for the Continuous Delivery channel, and version 12.0.8 or higher for the Long Term Support channel. Documentation on the upgrade process is available on the IBM App Connect documentation site.
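The following audit is an added example, not code from IBM or from this advisory. It reports which Pods have no Kubernetes NetworkPolicy restricting their egress, assuming NetworkPolicy is the mechanism that enforces egress limits in the cluster. The namespace, Pod names and labels are constructed sample data.

```python
# Constructed sample objects shaped like `kubectl get pods,networkpolicy -o json`
# items; the namespace, names and labels are made up for illustration.
PODS = [
    {"metadata": {"name": "infra-0", "namespace": "ace-demo", "labels": {"role": "internal-infra"}}},
    {"metadata": {"name": "dash-0", "namespace": "ace-demo", "labels": {"role": "dashboard"}}},
    {"metadata": {"name": "runtime-0", "namespace": "ace-demo", "labels": {"role": "runtime"}}},
]
POLICIES = [
    {"metadata": {"name": "deny-egress", "namespace": "ace-demo"},
     "spec": {"podSelector": {"matchLabels": {"role": "internal-infra"}},
              "policyTypes": ["Egress"], "egress": []}},
    {"metadata": {"name": "open-egress", "namespace": "ace-demo"},
     "spec": {"podSelector": {"matchExpressions": [
         {"key": "role", "operator": "In", "values": ["dashboard"]}]},
              "policyTypes": ["Egress"], "egress": [{}]}},
    {"metadata": {"name": "other-ns", "namespace": "elsewhere"},
     "spec": {"podSelector": {}, "policyTypes": ["Egress"], "egress": []}},
]

def selector_matches(selector, labels):
    """Evaluate a Kubernetes LabelSelector (empty selector matches every Pod)."""
    ops = {"In": lambda k, v: labels.get(k) in v, "NotIn": lambda k, v: labels.get(k) not in v,
           "Exists": lambda k, v: k in labels, "DoesNotExist": lambda k, v: k not in labels}
    return (all(labels.get(k) == v for k, v in (selector.get("matchLabels") or {}).items())
            and all(ops[e["operator"]](e["key"], e.get("values") or [])
                    for e in selector.get("matchExpressions") or []))

def egress_status(pod, policies):
    """Classify one Pod as 'unrestricted', 'allow-all' or 'restricted'."""
    meta, status = pod["metadata"], "unrestricted"  # default: nothing isolates egress
    for pol in policies:
        spec = pol["spec"]
        # Without policyTypes, Egress applies only if the policy has egress rules.
        types = spec.get("policyTypes") or ["Ingress"] + (["Egress"] if spec.get("egress") else [])
        if (pol["metadata"]["namespace"] != meta["namespace"] or "Egress" not in types
                or not selector_matches(spec.get("podSelector") or {}, meta.get("labels") or {})):
            continue
        # Policies are additive: one rule with no `to` and no `ports` allows everything.
        if any(not r.get("to") and not r.get("ports") for r in spec.get("egress") or []):
            return "allow-all"
        status = "restricted"
    return status

def audit(pods, policies):
    return {p["metadata"]["name"]: egress_status(p, policies) for p in pods}

if __name__ == "__main__":
    for name, status in audit(PODS, POLICIES).items():
        print(f"{name}: {status}")
```

Pods reported as `unrestricted` or `allow-all` can reach any destination as far as NetworkPolicy is concerned; on a live cluster the two lists would come from the `items` arrays of the `kubectl` JSON output.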

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.8
impact: 0.0
exploitability: 5.2
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.