CVE-2024-52362
📊 4.3 MEDIUM⚡ 0.1%🎯 0 exploits
📅 Published Mar 12, 2025
📋 Status: Analyzed
IBM App Connect Enterprise Certified Container 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, and 12.8 could allow an authenticated user to cause a denial of service in the App Connect flow due to improper validation of server-side input.
CVSS v3.1 • [email protected]
🎯 Affected Products & Systems
9 product configurations affected
Filter by type:
| Type | Vendor | Product | Version Range | Status | CPE String |
|---|---|---|---|---|---|
📱App | ibm | app connect enterprise certified containers operands | 12.0.7.0 | Vulnerable | cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.7.0:r4:*:*:continuous_delivery:*:*:* |
📱App | ibm | app connect enterprise certified containers operands | 12.0.12.5 | Vulnerable | cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12.5:r1:*:*:continuous_delivery:*:*:* |
📱App | ibm | app connect enterprise certified containers operands | 13.0.1.0 | Vulnerable | cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.1.0:r1:*:*:continuous_delivery:*:*:* |
📱App | ibm | app connect enterprise certified containers operands | 13.0.2.1 | Vulnerable | cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.2.1:r1:*:*:continuous_delivery:*:*:* |
📱App | ibm | app connect operator | ≥ 7.2 ∧ ≤ 11.6.0 | Vulnerable | cpe:2.3:a:ibm:app_connect_operator:*:*:*:*:continuous_delivery:*:*:* |
📱App | ibm | app connect operator | ≥ 12.0.0 ∧ < 12.9.0 | Vulnerable | cpe:2.3:a:ibm:app_connect_operator:*:*:*:*:lts:*:*:* |
📱App | ibm | app connect operator | ≥ 12.1.0 ∧ ≤ 12.8.2 | Vulnerable | cpe:2.3:a:ibm:app_connect_operator:*:*:*:*:continuous_delivery:*:*:* |
📱App | ibm | app connect operator | 12.0.12 | Vulnerable | cpe:2.3:a:ibm:app_connect_operator:12.0.12:r1:*:*:lts:*:*:* |
📱App | ibm | app connect operator | 12.0.12 | Vulnerable | cpe:2.3:a:ibm:app_connect_operator:12.0.12:r8:*:*:lts:*:*:* |
📱
VulnerableApplication
Version: 12.0.7.0
CPE:
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.7.0:r4:*:*:continuous_delivery:*:*:*
📱
VulnerableApplication
Version: 12.0.12.5
CPE:
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:12.0.12.5:r1:*:*:continuous_delivery:*:*:*
📱
VulnerableApplication
Version: 13.0.1.0
CPE:
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.1.0:r1:*:*:continuous_delivery:*:*:*
📱
VulnerableApplication
Version: 13.0.2.1
CPE:
cpe:2.3:a:ibm:app_connect_enterprise_certified_containers_operands:13.0.2.1:r1:*:*:continuous_delivery:*:*:*
📱
VulnerableApplication
Version: ≥ 7.2 ∧ ≤ 11.6.0
CPE:
cpe:2.3:a:ibm:app_connect_operator:*:*:*:*:continuous_delivery:*:*:*
📱
VulnerableApplication
Version: ≥ 12.0.0 ∧ < 12.9.0
CPE:
cpe:2.3:a:ibm:app_connect_operator:*:*:*:*:lts:*:*:*
📱
VulnerableApplication
Version: ≥ 12.1.0 ∧ ≤ 12.8.2
CPE:
cpe:2.3:a:ibm:app_connect_operator:*:*:*:*:continuous_delivery:*:*:*
📱
VulnerableApplication
Version: 12.0.12
CPE:
cpe:2.3:a:ibm:app_connect_operator:12.0.12:r1:*:*:lts:*:*:*
📱
VulnerableApplication
Version: 12.0.12
CPE:
cpe:2.3:a:ibm:app_connect_operator:12.0.12:r8:*:*:lts:*:*:*
9 products•scroll for more
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Attack Vector:
NETWORK
Complexity:
LOW
Privileges:
LOW
User Interaction:
NONE
Confidentiality:
NONE
Integrity:
NONE
Availability:
LOW
Scope:
UNCHANGED
🔍 Technical Details
Analysis Status
AnalyzedCVSS Details
4.3 (MEDIUM)v3.1
Source: [email protected]
EPSS Details
0.1% (Minimal)31.9th percentile
Last updated: Nov 1, 2025
Exploitation probability within 30 days
Published Date
Mar 12, 2025 (7 months ago)
Last Modified
Apr 2, 2025 (7 months ago)
Security Weaknesses1
CWE-1286
References2
NVDgeneral