What is CVE-2022-42439?

CVE-2022-42439 is an unspecified vulnerability in IBM App Connect Enterprise discovered by IBM X-Force team.

Which versions of IBM App Connect Enterprise are affected by CVE-2022-42439?

IBM App Connect Enterprise versions 11.0.0.17 through 11.0.0.19, 12.0.4.0, and 12.0.5.0 are affected by CVE-2022-42439.

What is the severity level of CVE-2022-42439?

CVE-2022-42439 has a severity level of 6.8 (Medium).

How can a 3rd party system's credentials be exposed by CVE-2022-42439?

CVE-2022-42439 contains an unspecified vulnerability in the Discovery Connector nodes of IBM App Connect Enterprise that may cause a privileged attacker to expose a 3rd party system's credentials.

Where can I find more information about CVE-2022-42439?

You can find more information about CVE-2022-42439 on the IBM X-Force ID: 238211.

Vulnerability/
CVE-2022-42439

medium

6.8

CWE

532 200

31/1/2023

6/2/2023

3/8/2024

CVE-2022-42439: IBM App Connect Enterprise information disclosure

First published: Tue Jan 31 2023(Updated: )

IBM App Connect Enterprise 11.0.0.17 through 11.0.0.19 and 12.0.4.0 and 12.0.5.0 contains an unspecified vulnerability in the Discovery Connector nodes which may cause a 3rd party system’s credentials to be exposed to a privileged attacker. IBM X-Force ID: 238211.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM App Connect Enterprise	>=11.0.0.17<=11.0.0.19
IBM App Connect Enterprise	=12.0.4.0
IBM App Connect Enterprise	=12.0.5.0
IBM AIX
Linux Linux kernel
Microsoft Windows
IBM App Connect Enterprise Certified Container	=4.1
IBM App Connect Enterprise Certified Container	=4.2
IBM App Connect Enterprise Certified Container	=5.0
IBM App Connect Enterprise Certified Container	=5.1
IBM App Connect Enterprise Certified Container	=5.2
IBM App Connect Enterprise Certified Container	=6.0
Redhat Openshift
	<=4.1
	<=4.2
	<=5.0-lts
	<=5.1
	<=5.2
	<=6.0

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-6952435

Frequently Asked Questions

What is CVE-2022-42439?
CVE-2022-42439 is an unspecified vulnerability in IBM App Connect Enterprise discovered by IBM X-Force team.
Which versions of IBM App Connect Enterprise are affected by CVE-2022-42439?
IBM App Connect Enterprise versions 11.0.0.17 through 11.0.0.19, 12.0.4.0, and 12.0.5.0 are affected by CVE-2022-42439.
What is the severity level of CVE-2022-42439?
CVE-2022-42439 has a severity level of 6.8 (Medium).
How can a 3rd party system's credentials be exposed by CVE-2022-42439?
CVE-2022-42439 contains an unspecified vulnerability in the Discovery Connector nodes of IBM App Connect Enterprise that may cause a privileged attacker to expose a 3rd party system's credentials.
Where can I find more information about CVE-2022-42439?
You can find more information about CVE-2022-42439 on the IBM X-Force ID: 238211.

agent/references
agent/type
agent/first-publish-date
collector/nvd-index
agent/software-canonical-lookup-request
agent/weakness
agent/author
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/title
agent/severity
agent/description
agent/softwarecombine
agent/tags
agent/event
collector/ibm-support
source/IBM
agent/software-canonical-lookup
vendor/ibm
canonical/ibm app connect enterprise
version/ibm app connect enterprise/11.0.0.17
version/ibm app connect enterprise/11.0.0.19
version/ibm app connect enterprise/12.0.4.0
version/ibm app connect enterprise/12.0.5.0
canonical/ibm aix
vendor/linux
canonical/linux linux kernel
vendor/microsoft
canonical/microsoft windows
canonical/ibm app connect enterprise certified container
version/ibm app connect enterprise certified container/4.1
version/ibm app connect enterprise certified container/4.2
version/ibm app connect enterprise certified container/5.0
version/ibm app connect enterprise certified container/5.1
version/ibm app connect enterprise certified container/5.2
version/ibm app connect enterprise certified container/6.0
vendor/redhat
canonical/redhat openshift
version/ibm app connect enterprise certified container/5.0-lts