CVE-2022-43922

Summary

IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 could disclose sensitive information to an attacker due to a weak hash of an API Key in the configuration. IBM X-Force ID: 241583.

Affected Software

VendorProductVersion RangeStatus
IBMApp Connect Enterprise Certified Container4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, 6.2affected

Weaknesses

  • 328 Reversible One-Way Hash

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References