Ibm App Connect Enterprise
15 CVEs affecting Ibm App Connect Enterprise. Latest disclosed: 2026-05-27. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-22317 | Critical | 9.1 | 2024-01-18 | IBM App Connect Enterprise 11.0.0.1 through 11.0.0.24 and 12.0.1.0 through 12.0.11.0 could allow a remote attacker to obtain sensitive information or cause a d… |
CVE-2022-42439 | Medium | 6.8 | 2023-02-06 | IBM App Connect Enterprise 11.0.0.17 through 11.0.0.19 and 12.0.4.0 and 12.0.5.0 contains an unspecified vulnerability in the Discovery Connector nodes which… |
CVE-2024-31904 | Medium | 6.5 | 2024-05-22 | IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 integration nodes could allow an authenticated user to cause a denial of s… |
CVE-2025-36361 | Medium | 6.3 | 2025-10-24 | IBM App Connect Enterprise 13.0.1.0 through 13.0.4.2, and 12.0.1.0 through 12.0.12.17 could allow an authenticated user to perform unauthorized actions on cust… |
CVE-2023-45176 | Medium | 6.2 | 2023-10-14 | IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.10.0 and IBM Integration Bus 10.1 through 10.1.0.1 are vulnerable to a denial of s… |
CVE-2026-5515 | Medium | 5.5 | 2026-05-27 | IBM App Connect Enterprise 13.0.1.0 through 13.0.7.0 stores potentially sensitive information in log files that could be read by a local user. |
CVE-2024-28761 | Medium | 5.4 | 2024-05-11 | IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 is vulnerable to HTML injection. A remote attacker could inject malicious… |
CVE-2024-22356 | Medium | 4.9 | 2024-03-26 | IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.9.0 and IBM Integration Bus for z/OS 10.1 through 10.1.0.2store potentially sensit… |
CVE-2022-42444 | Medium | 4.9 | 2023-02-06 | IBM App Connect Enterprise 11.0.0.8 through 11.0.0.19 and 12.0.1.0 through 12.0.5.0 is vulnerable to a buffer overflow. A remote privileged user could overflow… |
CVE-2024-49338 | Medium | 4.4 | 2025-01-18 | IBM App Connect Enterprise 12.0.1.0 through 12.0.7.0and 13.0.1.0 under certain configurations could allow a privileged user to obtain JMS credentials. |
CVE-2023-40682 | Medium | 4.4 | 2023-10-13 | IBM App Connect Enterprise 12.0.1.0 through 12.0.8.0 contains an unspecified vulnerability that could allow a local privileged user to obtain sensitive informa… |
CVE-2024-31894 | Medium | 4.3 | 2024-05-22 | IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IB… |
CVE-2024-31895 | Medium | 4.3 | 2024-05-22 | IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. IB… |
CVE-2024-31893 | Medium | 4.3 | 2024-05-22 | IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive calendar information using an expired access token… |
CVE-2024-28760 | Medium | 4.3 | 2024-05-11 | IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 dashboard is vulnerable to a denial of service due to improper restriction… |