CVE-2021-29906

Summary

IBM App Connect Enterprise Certified Container 1.0, 1.1, 1.2, 1.3, 1.4 and 1.5 could disclose sensitive information to a local user when it is configured to use an IBM Cloud API key to connect to cloud-based connectors. IBM X-Force ID: 207630.

Affected Software

VendorProductVersion RangeStatus
IBMApp Connect Enterprise Certified Container1.0.0affected
IBMApp Connect Enterprise Certified Container1.0.1affected
IBMApp Connect Enterprise Certified Container1.0.2affected
IBMApp Connect Enterprise Certified Container1.0.3affected
IBMApp Connect Enterprise Certified Container1.0.4affected
IBMApp Connect Enterprise Certified Container1.0.5affected
IBMApp Connect Enterprise Certified Container1.1affected
IBMApp Connect Enterprise Certified Container1.2affected
IBMApp Connect Enterprise Certified Container1.3affected
IBMApp Connect Enterprise Certified Container1.4affected
IBMApp Connect Enterprise Certified Container1.5affected

Weaknesses

  • Obtain Information

ADP Enrichment

CVE Program Container

Additional References

References