PT-2024-5326 · IBM · IBM App Connect Enterprise

Published: 2024-05-21 · Updated: 2025-01-07 · CVE-2024-31904

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

IBM App Connect Enterprise versions 11.0.0.1 through 11.0.0.25
IBM App Connect Enterprise versions 12.0.1.0 through 12.0.12.0

Description

An error in exception handling in the AdminAPI component of IBM App Connect Enterprise could allow an authenticated user to cause a denial of service through an uncaught exception. The issue could be exploited by a remote attacker.

Recommendations

For IBM App Connect Enterprise versions 11.0.0.1 through 11.0.0.25, update to a version that includes the fix for this issue.
For IBM App Connect Enterprise versions 12.0.1.0 through 12.0.12.0, update to a version that includes the fix for this issue.
As a temporary workaround, consider restricting access to the integration nodes to minimize the risk of exploitation.

Related Identifiers

BDU:2024-05954
CVE-2024-31904

Affected Products

IBM App Connect Enterprise