Sign In

CVE-2022-43915

📊 6.8 MEDIUM0.1%🎯 0 exploits
📅 Published Aug 24, 2024
📋 Status: Modified

IBM App Connect Enterprise Certified Container 5.0, 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, and 12.1 does not limit calls to unshare in running Pods. This can allow a user with privileged access to execute commands in a running Pod to elevate their user privileges.

🎯 Affected Products & Systems

20 product configurations affected

Filter by type:
📱
Vulnerable
Version: 5.0
CPE:
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:5.0:*:*:*:lts:*:*:*
📱
Vulnerable
Version: 7.1
CPE:
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:7.1:*:*:*:*:*:*:*
📱
Vulnerable
Version: 7.2
CPE:
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:7.2:*:*:*:*:*:*:*
📱
Vulnerable
Version: 8.0
CPE:
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.0:*:*:*:*:*:*:*
📱
Vulnerable
Version: 8.1
CPE:
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.1:*:*:*:*:*:*:*
📱
Vulnerable
Version: 8.2
CPE:
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.2:*:*:*:*:*:*:*
📱
Vulnerable
Version: 9.0
CPE:
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.0:*:*:*:*:*:*:*
📱
Vulnerable
Version: 9.1
CPE:
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.1:*:*:*:*:*:*:*
📱
Vulnerable
Version: 9.2
CPE:
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.2:*:*:*:*:*:*:*
📱
Vulnerable
Version: 10.0
CPE:
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.0:*:*:*:*:*:*:*
📱
Vulnerable
Version: 10.1
CPE:
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.1:*:*:*:*:*:*:*
📱
Vulnerable
Version: 11.0
CPE:
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.0:*:*:*:*:*:*:*
📱
Vulnerable
Version: 11.1
CPE:
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.1:*:*:*:*:*:*:*
📱
Vulnerable
Version: 11.2
CPE:
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.2:*:*:*:*:*:*:*
📱
Vulnerable
Version: 11.3
CPE:
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.3:*:*:*:*:*:*:*
📱
Vulnerable
Version: 11.4
CPE:
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.4:*:*:*:*:*:*:*
📱
Vulnerable
Version: 11.5
CPE:
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.5:*:*:*:*:*:*:*
📱
Vulnerable
Version: 11.6
CPE:
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.6:*:*:*:*:*:*:*
📱
Vulnerable
Version: 12.0
CPE:
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.0:*:*:*:lts:*:*:*
📱
Vulnerable
Version: 12.1
CPE:
cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.1:*:*:*:*:*:*:*
20 productsscroll for more
Metrics
6.8 MEDIUMCVSS v3.1[email protected]
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Attack Vector:
NETWORK
Complexity:
HIGH
Privileges:
LOW
User Interaction:
NONE
Confidentiality:
HIGH
Integrity:
HIGH
Availability:
NONE
Scope:
UNCHANGED

🔍 Technical Details

Analysis Status
Modified
CVSS Details
6.8 (MEDIUM)v3.1
Source: [email protected]
EPSS Details
0.1% (Minimal)25.3th percentile
Last updated: Nov 1, 2025
Exploitation probability within 30 days
Published Date
Aug 24, 2024 (1 year ago)
Last Modified
Sep 21, 2024 (1 year ago)
Security Weaknesses1
References3