IBM App Connect Enterprise Certified Container
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:*:*:*:*:*:*:*
- >= 12.0.7.0-r4, <= 12.0.12.5-r1
- >= 13.0.1.0-r1, <= 13.0.2.1-r1
- >= 12.0.12-r1, <= 12.0.12-r8
A denial-of-service vulnerability has been identified in IBM App Connect Enterprise Certified Container versions 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, and 12.8. This vulnerability allows an authenticated user to disrupt the App Connect flow by exploiting improper validation of server-side input, which can lead to flows becoming inaccessible.
Exploitation of this vulnerability can cause flows within the App Connect Enterprise Certified Container to become inaccessible, leading to a denial-of-service condition where the affected functionality cannot be used.
Users are advised to upgrade to App Connect Enterprise Certified Container Operator version 12.9.0 or higher, and ensure that all DesignerAuthoring components are at 13.0.2.2-r1 or higher. For those using the 12.0 LTS version, upgrade to version 12.0.9 or higher and ensure all DesignerAuthoring components are at 12.0.12-r9 or higher.