CVE-2024-52362

{"id": "CVE-2024-52362", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@us.ibm.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2025-03-12T14:15:15.170", "references": [{"url": "https://www.ibm.com/support/pages/node/7185527", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "psirt@us.ibm.com", "description": [{"lang": "en", "value": "CWE-1286"}]}], "descriptions": [{"lang": "en", "value": "IBM App Connect Enterprise Certified Container 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, and 12.8 could allow an authenticated user to cause a denial of service in the App Connect flow due to improper validation of server-side input."}, {"lang": "es", "value": "IBM App Connect Enterprise Certified Container 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7 y 12.8 podr\u00edan permitir que un usuario autenticado provoque una denegaci\u00f3n de servicio en el flujo de App Connect debido a una validaci\u00f3n incorrecta de la entrada del lado del servidor."}], "lastModified": "2025-04-02T12:37:19.377", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.7.0:r4:*:*:continuous_delivery:*:*:*", "vulnerable": true, "matchCriteriaId": "F9D2BC99-027C-4BF4-AFE7-EAA2919B7BEF"}, {"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12.5:r1:*:*:continuous_delivery:*:*:*", "vulnerable": true, "matchCriteriaId": "D0A177C3-85CB-4755-BB31-A70E0217473B"}, {"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.1.0:r1:*:*:continuous_delivery:*:*:*", "vulnerable": true, "matchCriteriaId": "7DC9D362-0F22-44F1-A9AC-5B644CE76ACA"}, {"criteria": "cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.2.1:r1:*:*:continuous_delivery:*:*:*", "vulnerable": true, "matchCriteriaId": "37AE3E6F-C42E-43C8-AD49-72D25CCD39A0"}, {"criteria": "cpe:2.3:a:ibm:app_connect_operator:*:*:*:*:continuous_delivery:*:*:*", "vulnerable": true, "matchCriteriaId": "A4347A7F-E070-4CBA-ADD2-0EDEBA137298", "versionEndIncluding": "11.6.0", "versionStartIncluding": "7.2"}, {"criteria": "cpe:2.3:a:ibm:app_connect_operator:*:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "4F9C8F00-2039-4E64-9CE1-034271085913", "versionEndExcluding": "12.9.0 ", "versionStartIncluding": "12.0.0"}, {"criteria": "cpe:2.3:a:ibm:app_connect_operator:*:*:*:*:continuous_delivery:*:*:*", "vulnerable": true, "matchCriteriaId": "D3A5D9B4-D55F-4423-8AEC-02D04E7F59D1", "versionEndIncluding": "12.8.2", "versionStartIncluding": "12.1.0"}, {"criteria": "cpe:2.3:a:ibm:app_connect_operator:12.0.12:r1:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "274D4BD8-FB49-47F7-B8BB-887AC072129B"}, {"criteria": "cpe:2.3:a:ibm:app_connect_operator:12.0.12:r8:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "18B709B4-2B3B-4B30-A3FE-012B5492C94B"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}