CVE-2025-13490

MEDIUM EPSS 8.4%
Published Mar 3, 20264mo ago · Modified Mar 4, 20264mo ago
5.9 CVSS 3.1
Medium
Find Similar
Published Mar 3, 2026 4mo ago
Last Modified Mar 4, 2026 4mo ago

Description

IBM App Connect Operator versions CD 11.3.0 through 11.6.0 and 12.1.0 through 12.20.0, LTS versions 12.0.0 through 12.0.20, and IBM App Connect Enterprise Certified Containers Operands versions CD 12.0.11.2‑r1 through 12.0.12.5‑r1 and 13.0.1.0‑r1 through 13.0.6.1‑r1, and LTS versions 12.0.12‑r1 through 12.0.12‑r20, contain a vulnerability in which the IBM App Connect Enterprise Certified Container transmits data in clear text, potentially allowing an attacker to intercept and obtain sensitive information through man‑in‑the‑middle techniques.

CVSS Details

Base Score
5.9
Exploitability
2.2
Impact
3.6
Vector string
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector Network
Attack Complexity High
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality High
Integrity None
Availability None

Threat Intelligence

EPSS Exploit Probability
8.4% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-319

Affected Products 48

VendorProductVersionRange
ibmapp_connect_enterprise_certified_containers_operands12.0.11.2any
ibmapp_connect_enterprise_certified_containers_operands12.0.11.3any
ibmapp_connect_enterprise_certified_containers_operands12.0.12any
ibmapp_connect_enterprise_certified_containers_operands12.0.12any
ibmapp_connect_enterprise_certified_containers_operands12.0.12any
ibmapp_connect_enterprise_certified_containers_operands12.0.12any
ibmapp_connect_enterprise_certified_containers_operands12.0.12any
ibmapp_connect_enterprise_certified_containers_operands12.0.12any
ibmapp_connect_enterprise_certified_containers_operands12.0.12any
ibmapp_connect_enterprise_certified_containers_operands12.0.12any
ibmapp_connect_enterprise_certified_containers_operands12.0.12any
ibmapp_connect_enterprise_certified_containers_operands12.0.12any
ibmapp_connect_enterprise_certified_containers_operands12.0.12any
ibmapp_connect_enterprise_certified_containers_operands12.0.12any
ibmapp_connect_enterprise_certified_containers_operands12.0.12any
ibmapp_connect_enterprise_certified_containers_operands12.0.12any
ibmapp_connect_enterprise_certified_containers_operands12.0.12any
ibmapp_connect_enterprise_certified_containers_operands12.0.12any
ibmapp_connect_enterprise_certified_containers_operands12.0.12any
ibmapp_connect_enterprise_certified_containers_operands12.0.12any
ibmapp_connect_enterprise_certified_containers_operands12.0.12any
ibmapp_connect_enterprise_certified_containers_operands12.0.12any
ibmapp_connect_enterprise_certified_containers_operands12.0.12.0any
ibmapp_connect_enterprise_certified_containers_operands12.0.12.0any
ibmapp_connect_enterprise_certified_containers_operands12.0.12.2any
ibmapp_connect_enterprise_certified_containers_operands12.0.12.3any
ibmapp_connect_enterprise_certified_containers_operands12.0.12.4any
ibmapp_connect_enterprise_certified_containers_operands12.0.12.5any
ibmapp_connect_enterprise_certified_containers_operands13.0.1.0any
ibmapp_connect_enterprise_certified_containers_operands13.0.1.0any
ibmapp_connect_enterprise_certified_containers_operands13.0.1.1any
ibmapp_connect_enterprise_certified_containers_operands13.0.2.0any
ibmapp_connect_enterprise_certified_containers_operands13.0.2.1any
ibmapp_connect_enterprise_certified_containers_operands13.0.2.2any
ibmapp_connect_enterprise_certified_containers_operands13.0.2.2any
ibmapp_connect_enterprise_certified_containers_operands13.0.3.0any
ibmapp_connect_enterprise_certified_containers_operands13.0.3.1any
ibmapp_connect_enterprise_certified_containers_operands13.0.4.0any
ibmapp_connect_enterprise_certified_containers_operands13.0.4.1any
ibmapp_connect_enterprise_certified_containers_operands13.0.4.2any
ibmapp_connect_enterprise_certified_containers_operands13.0.5.0any
ibmapp_connect_enterprise_certified_containers_operands13.0.5.1any
ibmapp_connect_enterprise_certified_containers_operands13.0.5.2any
ibmapp_connect_enterprise_certified_containers_operands13.0.6.0any
ibmapp_connect_enterprise_certified_containers_operands13.0.6.1any
ibmapp_connect_operator*≥11.3.0  –  ≤11.6.0
ibmapp_connect_operator*≥12.0.0  –  ≤12.0.20
ibmapp_connect_operator*≥12.1.0  –  ≤12.20.1

References 1

  • ibm.com https://www.ibm.com/support/pages/node/7262271
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.