IBM App Connect Enterprise Certified Container Log File Information Disclosure Vulnerability

Vulnerability

A vulnerability exists in IBM App Connect Enterprise Certified Container versions 9.2.0 through 11.6.0, 12.1.0 through 12.14.0, and 12.0 LTS versions 12.0.0 through 12.0.14. Potentially sensitive information is handled improperly: it is written to log files during the installation process, where a local user within the container could access it.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive information stored in log files, potentially allowing a local user to gain insights into the application's operation or configuration.

Remediation

Users are advised to upgrade to IBM App Connect Enterprise Certified Container Operator version 12.0.15 or higher for the 12.0 LTS version, and version 12.15.0 or higher for the Continuous Delivery version. Documentation on the upgrade process is available on the IBM App Connect documentation site.
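
The version ranges and fixed releases above can be turned into an inventory check. The following is an added example, not code from IBM or from this page's publisher. It assumes each deployment reports its release as a plain X.Y.Z string in the numbering the advisory uses; the function names and the sample inventory are constructed for illustration.

```python
import re

# Ranges and fixed versions copied from the advisory text above (inclusive bounds).
AFFECTED = [
    ((9, 2, 0), (11, 6, 0), "12.0.15 (LTS) or 12.15.0 (CD)"),
    ((12, 0, 0), (12, 0, 14), "12.0.15 (LTS)"),
    ((12, 1, 0), (12, 14, 0), "12.15.0 (CD)"),
]
FIXED_LTS = (12, 0, 15)
FIXED_CD = (12, 15, 0)

def classify(version):
    """Return (status, note) for one release string such as '12.0.14'."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        # Suffixes like '-rc1' are not guessed at; flag them for manual review.
        return ("unparsed", "check manually")
    v = tuple(int(p) for p in m.groups())
    for low, high, fix in AFFECTED:
        if low <= v <= high:
            return ("affected", "upgrade to " + fix + " or higher")
    if v[:2] == (12, 0) and v >= FIXED_LTS:
        return ("fixed", "12.0 LTS at or above 12.0.15")
    if v >= FIXED_CD:
        return ("fixed", "Continuous Delivery at or above 12.15.0")
    # Outside every stated range and below the fixes: the advisory is silent,
    # so do not treat the release as safe.
    return ("not-listed", "confirm against the vendor bulletin")

def triage(inventory):
    """Map {deployment name: version} to (name, status) rows, worst cases first."""
    order = {"affected": 0, "not-listed": 1, "unparsed": 2, "fixed": 3}
    rows = [(name, classify(ver)[0]) for name, ver in inventory.items()]
    return sorted(rows, key=lambda r: (order[r[1]], r[0]))

if __name__ == "__main__":
    # Constructed inventory; names and versions are sample data.
    sample = {"ace-prod": "12.0.14", "ace-dev": "12.15.0", "ace-test": "12.14.1",
              "ace-legacy": "v11.6.0", "ace-lab": "12.0.15-rc1"}
    for name, status in triage(sample):
        print(f"{name:12} {sample[name]:14} {status}")
```

A release such as 12.14.1 falls between the last listed affected version and the fix, so the check reports it as not-listed rather than fixed.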

Added: Sep 1, 2025, 12:21 PM
Updated: Sep 1, 2025, 12:21 PM

Vulnerability Rating

Custom Algorithm
spread: 0.8
impact: 2.5
exploitability: 3.8
remediation: 7.7
relevance: 0.4
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.