|Number of vulnerabilities||1|
|Public exploit||Public exploit code for vulnerability #1 is available.|
IBM Integration Bus
Server applications / Other server solutions
IBM App Connect Enterprise
Universal components / Libraries / Software for developers
This security bulletin contains one medium risk vulnerability.
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: YesDescription
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation. A remote attacker can send a specially crafted request and perform a denial of service (DoS) attack.
Install update from vendor's website.Vulnerable software versions
IBM Integration Bus: All versions
IBM App Connect Enterprise: before 126.96.36.199
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?