VYPR
Unrated severityNVD Advisory· Published Mar 3, 2026· Updated Mar 4, 2026

IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that report metrics are vulnerable to loss of confidentiality

CVE-2025-13490

Description

IBM App Connect Operator versions CD 11.3.0 through 11.6.0 and 12.1.0 through 12.20.0, LTS versions 12.0.0 through 12.0.20, and IBM App Connect Enterprise Certified Containers Operands versions CD 12.0.11.2‑r1 through 12.0.12.5‑r1 and 13.0.1.0‑r1 through 13.0.6.1‑r1, and LTS versions 12.0.12‑r1 through 12.0.12‑r20, contain a vulnerability in which the IBM App Connect Enterprise Certified Container transmits data in clear text, potentially allowing an attacker to intercept and obtain sensitive information through man‑in‑the‑middle techniques.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • cpe:2.3:a:ibm:app_connect_enterprisecertified_containers_operands:cd:12.0.11.2:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ibm:app_connect_enterprisecertified_containers_operands:cd:12.0.11.2:*:*:*:*:*:*:*range: CD:12.0.11.2
    • (no CPE)range: CD 12.0.11.2-r1-12.0.12.5-r1, CD 13.0.1.0-r1-13.0.6.1-r1, LTS 12.0.12-r1-12.0.12-r20
  • IBM/App Connect Operatorcpe-rescue2 versions
    cpe:2.3:a:ibm:app_connect_operator:cd:11.3.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ibm:app_connect_operator:cd:11.3.0:*:*:*:*:*:*:*range: CD:11.3.0
    • (no CPE)range: CD 11.3.0-11.6.0, CD 12.1.0-12.20.0, LTS 12.0.0-12.0.20

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.