What is CVE-2022-43922?

CVE-2022-43922 is a vulnerability in IBM App Connect Enterprise Certified Container that could disclose sensitive information to an attacker due to a weak hash of an API Key in the configuration.

What is the severity of CVE-2022-43922?

The severity of CVE-2022-43922 is medium with a severity value of 6.5.

Which versions of IBM App Connect Enterprise Certified Container are affected by CVE-2022-43922?

IBM App Connect Enterprise Certified Container versions 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 are affected by CVE-2022-43922.

Where can I find more information about CVE-2022-43922?

More information about CVE-2022-43922 can be found at the IBM X-Force ID: 241583.

Vulnerability/
CVE-2022-43922

medium

6.5

CWE

326

9/12/2022

8/8/2023

CVE-2022-43922: Weak Encryption

Q: How can I fix CVE-2022-43922?

To fix CVE-2022-43922, it is recommended to update IBM App Connect Enterprise Certified Container to a version that has a fix for the vulnerability.

First published: Fri Dec 09 2022(Updated: )

IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 could disclose sensitive information to an attacker due to a weak hash of an API Key in the configuration. IBM X-Force ID: 241583.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM App Connect Enterprise Certified Container	<=4.1
IBM App Connect Enterprise Certified Container	<=4.2
IBM App Connect Enterprise Certified Container	<=5.0-lts
IBM App Connect Enterprise Certified Container	<=5.1
IBM App Connect Enterprise Certified Container	<=5.2
IBM App Connect Enterprise Certified Container	<=6.0
IBM App Connect Enterprise Certified Container	<=6.1
IBM App Connect Enterprise Certified Container	<=6.2
IBM App Connect Enterprise Certified Container	=4.1
IBM App Connect Enterprise Certified Container	=4.2
IBM App Connect Enterprise Certified Container	=5.0
IBM App Connect Enterprise Certified Container	=5.1
IBM App Connect Enterprise Certified Container	=5.2
IBM App Connect Enterprise Certified Container	=6.0
IBM App Connect Enterprise Certified Container	=6.1
IBM App Connect Enterprise Certified Container	=6.2
Redhat Openshift

Remedy

https://www.ibm.com/support/pages/node/6857807

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-6857807

Frequently Asked Questions

What is CVE-2022-43922?
CVE-2022-43922 is a vulnerability in IBM App Connect Enterprise Certified Container that could disclose sensitive information to an attacker due to a weak hash of an API Key in the configuration.
What is the severity of CVE-2022-43922?
The severity of CVE-2022-43922 is medium with a severity value of 6.5.
Which versions of IBM App Connect Enterprise Certified Container are affected by CVE-2022-43922?
IBM App Connect Enterprise Certified Container versions 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 are affected by CVE-2022-43922.
How can I fix CVE-2022-43922?
To fix CVE-2022-43922, it is recommended to update IBM App Connect Enterprise Certified Container to a version that has a fix for the vulnerability.
Where can I find more information about CVE-2022-43922?
More information about CVE-2022-43922 can be found at the IBM X-Force ID: 241583.

collector/ibm-support
agent/references
agent/weakness
agent/type
agent/event
agent/severity
agent/author
agent/description
agent/remedy
agent/last-modified-date
agent/first-publish-date
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm app connect enterprise certified container
version/ibm app connect enterprise certified container/4.1
version/ibm app connect enterprise certified container/4.2
version/ibm app connect enterprise certified container/5.0-lts
version/ibm app connect enterprise certified container/5.1
version/ibm app connect enterprise certified container/5.2
version/ibm app connect enterprise certified container/6.0
version/ibm app connect enterprise certified container/6.1
version/ibm app connect enterprise certified container/6.2
version/ibm app connect enterprise certified container/5.0
vendor/redhat
canonical/redhat openshift