PT-2025-20584 · Ibm · Ibm App Connect Enterprise Certified Container
Published
2025-05-09
·
Updated
2025-08-20
·
CVE-2025-1993
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM App Connect Enterprise Certified Container versions 8.1 through 12.10
Description
The issue concerns the use of weaker than expected cryptographic algorithms to protect the database storing flows in DesignerAuthoring instances. This could potentially allow a local user to decrypt the data.
Recommendations
For IBM App Connect Enterprise Certified Container versions 8.1 through 12.10, consider updating the cryptographic algorithms used to protect the database to stronger, more secure alternatives. As a temporary workaround, restrict access to the database and the DesignerAuthoring instances to minimize the risk of exploitation.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm App Connect Enterprise Certified Container