What is the severity of CVE-2022-43916?

The severity of CVE-2022-43916 is categorized as high due to unrestricted network egress for internal infrastructure Pods.

How do I fix CVE-2022-43916?

To fix CVE-2022-43916, implement network policies to restrict egress traffic for affected Pods in IBM App Connect Enterprise.

Which versions of IBM App Connect Enterprise are affected by CVE-2022-43916?

CVE-2022-43916 affects all versions of IBM App Connect Enterprise Certified Container from 7.1 to 12.7.

Is CVE-2022-43916 related to container security?

Yes, CVE-2022-43916 is related to container security, as it involves network egress controls for Pods.

What are the potential risks of CVE-2022-43916?

The potential risks of CVE-2022-43916 include unauthorized access and data exfiltration through unrestricted network egress.

Vulnerability/
CVE-2022-43916

medium

6.8

CWE

923 862

29/1/2025

30/1/2025

CVE-2022-43916: IBM App Connect Enterprise Certified Container improper communications restriction

First published: Wed Jan 29 2025(Updated: )

IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, and 12.7 Pods do not restrict network egress for Pods that are used for internal infrastructure.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM App Connect Enterprise Certified Container	<=7.1
IBM App Connect Enterprise Certified Container	<=7.2
IBM App Connect Enterprise Certified Container	<=8.0
IBM App Connect Enterprise Certified Container	<=8.1
IBM App Connect Enterprise Certified Container	<=8.2
IBM App Connect Enterprise Certified Container	<=9.0
IBM App Connect Enterprise Certified Container	<=9.1
IBM App Connect Enterprise Certified Container	<=9.2
IBM App Connect Enterprise Certified Container	<=10.0
IBM App Connect Enterprise Certified Container	<=10.1
IBM App Connect Enterprise Certified Container	<=11.0
IBM App Connect Enterprise Certified Container	<=11.1
IBM App Connect Enterprise Certified Container	<=11.2
IBM App Connect Enterprise Certified Container	<=11.3
IBM App Connect Enterprise Certified Container	<=11.4
IBM App Connect Enterprise Certified Container	<=11.5
IBM App Connect Enterprise Certified Container	<=11.6
IBM App Connect Enterprise Certified Container	<=12.0
IBM App Connect Enterprise Certified Container	<=12.1
IBM App Connect Enterprise Certified Container	<=12.2
IBM App Connect Enterprise Certified Container	<=12.3
IBM App Connect Enterprise Certified Container	<=12.4
IBM App Connect Enterprise Certified Container	<=12.5
IBM App Connect Enterprise Certified Container	<=12.6
IBM App Connect Enterprise Certified Container	<=12.7

Never miss a vulnerability like this again

Reference Links

https://www.ibm.com/support/pages/node/7181916 (Advisory)

Parent vulnerabilities

(Appears in the following advisories)

IBM-7181916

Frequently Asked Questions

What is the severity of CVE-2022-43916?
The severity of CVE-2022-43916 is categorized as high due to unrestricted network egress for internal infrastructure Pods.
How do I fix CVE-2022-43916?
To fix CVE-2022-43916, implement network policies to restrict egress traffic for affected Pods in IBM App Connect Enterprise.
Which versions of IBM App Connect Enterprise are affected by CVE-2022-43916?
CVE-2022-43916 affects all versions of IBM App Connect Enterprise Certified Container from 7.1 to 12.7.
Is CVE-2022-43916 related to container security?
Yes, CVE-2022-43916 is related to container security, as it involves network egress controls for Pods.
What are the potential risks of CVE-2022-43916?
The potential risks of CVE-2022-43916 include unauthorized access and data exfiltration through unrestricted network egress.

collector/mitre-cve
source/MITRE
collector/nvd-api
source/NVD
agent/severity
agent/references
agent/weakness
agent/title
agent/last-modified-date
agent/author
agent/source
agent/type
agent/softwarecombine
agent/first-publish-date
agent/description
agent/event
agent/tags
collector/ibm-support
source/IBM
agent/software-canonical-lookup
vendor/ibm
canonical/ibm app connect enterprise certified container
version/ibm app connect enterprise certified container/7.1
version/ibm app connect enterprise certified container/7.2
version/ibm app connect enterprise certified container/8.0
version/ibm app connect enterprise certified container/8.1
version/ibm app connect enterprise certified container/8.2
version/ibm app connect enterprise certified container/9.0
version/ibm app connect enterprise certified container/9.1
version/ibm app connect enterprise certified container/9.2
version/ibm app connect enterprise certified container/10.0
version/ibm app connect enterprise certified container/10.1
version/ibm app connect enterprise certified container/11.0
version/ibm app connect enterprise certified container/11.1
version/ibm app connect enterprise certified container/11.2
version/ibm app connect enterprise certified container/11.3
version/ibm app connect enterprise certified container/11.4
version/ibm app connect enterprise certified container/11.5
version/ibm app connect enterprise certified container/11.6
version/ibm app connect enterprise certified container/12.0
version/ibm app connect enterprise certified container/12.1
version/ibm app connect enterprise certified container/12.2
version/ibm app connect enterprise certified container/12.3
version/ibm app connect enterprise certified container/12.4
version/ibm app connect enterprise certified container/12.5
version/ibm app connect enterprise certified container/12.6
version/ibm app connect enterprise certified container/12.7