PT-2023-14401 · Ibm · Ibm App Connect Enterprise Certified Container

Published

2023-02-01

Updated

2025-03-26

CVE-2022-43922

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM App Connect Enterprise Certified Container versions 4.1 through 6.2

Description The issue is related to a weak hash of an API Key in the configuration, which could disclose sensitive information to an attacker.

Recommendations For versions 4.1 through 6.2, consider disabling the use of API Keys in the configuration until a patch is available. Restrict access to sensitive information to minimize the risk of exploitation.

Fix

Inadequate Encryption Strength

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-328CWE-326

Related Identifiers

CVE-2022-43922

Affected Products

Ibm App Connect Enterprise Certified Container

PT-2023-14401 · Ibm · Ibm App Connect Enterprise Certified Container

CVE-2022-43922

Weakness Enumeration

Related Identifiers

Affected Products

References · 7