CVE-2024-52362

MEDIUM

IBM App Connect Enterprise Certified Container - DoS

Title source: llm

Description

IBM App Connect Enterprise Certified Container 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, and 12.8 could allow an authenticated user to cause a denial of service in the App Connect flow due to improper validation of server-side input.

References (1)

[Vendor Advisory] https://www.ibm.com/support/pages/node/7185527

Scores

CVSS v3 4.3

EPSS 0.0004

EPSS Percentile 10.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-1286

Status published

Products (7)

ibm/app_connect_enterprise_certified_containers_operands 12.0.7.0 r4

ibm/app_connect_enterprise_certified_containers_operands 12.0.12.5 r1

ibm/app_connect_enterprise_certified_containers_operands 13.0.1.0 r1

ibm/app_connect_enterprise_certified_containers_operands 13.0.2.1 r1

ibm/app_connect_operator 12.0.12 r1 (2 CPE variants)

ibm/app_connect_operator 12.0.0 - 12.9.0

ibm/app_connect_operator 7.2 - 11.6.0

Published Mar 12, 2025

Tracked Since Feb 18, 2026