Vulnerabilities > CVE-2024-52362 - Improper Validation of Syntactic Correctness of Input vulnerability in IBM products

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

ibm

CWE-1286

NVD

Published: 2025-03-12

Updated: 2025-04-02

Summary

IBM App Connect Enterprise Certified Container 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7, and 12.8 could allow an authenticated user to cause a denial of service in the App Connect flow due to improper validation of server-side input.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM APP Connect Enterprise Certified Containers Operands 12.0.12.5 IBM APP Connect Enterprise Certified Containers Operands 12.0.7.0 IBM APP Connect Enterprise Certified Containers Operands 13.0.1.0 IBM APP Connect Enterprise Certified Containers Operands 13.0.2.1 IBM APP Connect Operator * IBM APP Connect Operator 12.0.12	7

Common Weakness Enumeration (CWE)

CWE-1286 - Improper Validation of Syntactic Correctness of Input

References

https://www.ibm.com/support/pages/node/7185527