PT-2023-14401 · Ibm · Ibm App Connect Enterprise Certified Container

Publicado

2023-02-01

Atualizado

2025-03-26

CVE-2022-43922

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM App Connect Enterprise Certified Container versions 4.1 through 6.2

Description The issue is related to a weak hash of an API Key in the configuration, which could disclose sensitive information to an attacker.

Recommendations For versions 4.1 through 6.2, consider disabling the use of API Keys in the configuration until a patch is available. Restrict access to sensitive information to minimize the risk of exploitation.

Correção

Inadequate Encryption Strength

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-328CWE-326

Identificadores relacionados

CVE-2022-43922

Produtos afetados

Ibm App Connect Enterprise Certified Container

PT-2023-14401 · Ibm · Ibm App Connect Enterprise Certified Container

CVE-2022-43922

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7