CVE-2023-45176 MEDIUM

CVE-2023-45176: IBM App Connect Enterprise and IBM Integration Bus denial of service

Vendor Ibm
Product App Connect Enterprise
Weakness CWE-20 · Input validation
Published October 14, 2023
Last update September 16, 2024

CVSS base score

6.2/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.10.0 and IBM Integration Bus 10.1 through 10.1.0.1 are vulnerable to a denial of service for integration nodes on Windows. IBM X-Force ID: 247998.

Key dates

02Disclosure timeline

October 14, 2023 CVE published
September 16, 2024 Record updated