CVE-2022-43916: IBM App Connect Enterprise Certified Container improper communications restriction

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-43916

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

IBM App Connect Enterprise Certified Container improper communications restriction

Source: NVD (National Vulnerability Database)

Vulnerability Description

IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, and 12.7 Pods do not restrict network egress for Pods that are used for internal infrastructure.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

通信信道对预期端点的不适当限制

Source: NVD (National Vulnerability Database)

Vulnerability Title

IBM App Connect Enterprise Certified Container 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

IBM App Connect Enterprise Certified Container是美国国际商业机器（IBM）公司的一个基于 IBM App Connect Enterprise 软件产品的映像。以可执行文件的形式提供软件包，可以在容器化环境中部署和运行。 IBM App Connect Enterprise Certified Container存在安全漏洞，该漏洞源于Pods不限制用于内部基础设施的Pod的网络出口。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
IBM	App Connect Enterprise Certified Container	7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7	`cpe:2.3:a:ibm:app_connect_enterprise_certified_container:7.1:::::::*`

II. Public POCs for CVE-2022-43916

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-43916

Please Login to view more intelligence information

IV. Related Vulnerabilities

Same product: App Connect Enterprise Certified Container

Same vendor: IBM

Same weakness: CWE-923

V. Comments for CVE-2022-43916

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2022-43916

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-43916

III. Intelligence Information for CVE-2022-43916

IV. Related Vulnerabilities

V. Comments for CVE-2022-43916

Leave a comment