Vulnerabilities > IBM > APP Connect Enterprise > 12.0.12.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-05-22 | CVE-2024-31894 | Operation on a Resource after Expiration or Release vulnerability in IBM APP Connect Enterprise IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. | 4.3 |
| 2024-05-22 | CVE-2024-31895 | Operation on a Resource after Expiration or Release vulnerability in IBM APP Connect Enterprise IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive user information using an expired access token. | 6.5 |
| 2024-05-22 | CVE-2024-31893 | Operation on a Resource after Expiration or Release vulnerability in IBM APP Connect Enterprise IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive calendar information using an expired access token. | 4.3 |
| 2024-05-22 | CVE-2024-31904 | Unspecified vulnerability in IBM APP Connect Enterprise IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 integration nodes could allow an authenticated user to cause a denial of service due to an uncaught exception. | 6.5 |
| 2024-05-14 | CVE-2024-28760 | Allocation of Resources Without Limits or Throttling vulnerability in IBM APP Connect Enterprise IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 dashboard is vulnerable to a denial of service due to improper restrictions of resource allocation. | 4.3 |
| 2024-05-14 | CVE-2024-28761 | Cross-site Scripting vulnerability in IBM APP Connect Enterprise IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 is vulnerable to HTML injection. | 5.4 |