Main Vulnerability Database Vulnerabilities #VU107483

Permissions, Privileges, and Access Controls in App Connect Enterprise Certified Container - CVE-2022-43916

Published: April 16, 2025

Vulnerability identifier: #VU107483

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2022-43916

CWE-ID: CWE-264

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: IBM Corporation

Affected software:
App Connect Enterprise Certified Container

Detailed vulnerability description

The vulnerability allows a remote user to escalate privileges on the system.

The vulnerability exists due to IBM App Connect Enterprise Certified Container Pods does not restrict network egress for Pods that are used for internal infrastructure. A remote user can bypass security restrictions and escalate privileges on the system.

How to mitigate CVE-2022-43916

Install updates from vendor's website.

Sources

https://www.ibm.com/support/pages/node/7181916

Permissions, Privileges, and Access Controls in App Connect Enterprise Certified Container - CVE-2022-43916

Detailed vulnerability description

How to mitigate CVE-2022-43916

Sources

Please verify you're human