Description
IBM App Connect Enterprise Certified Container up to 12.19.0 (Continuous Delivery) and 12.0 LTS (Long Term Support) could allow an attacker to access sensitive files or modify configurations due to an untrusted search path.
CVSS Metrics
- Vector
- CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
- Attack Vector
- local
- Complexity
- low
- Privileges
- none
- User Action
- none
- Scope
- unchanged
- Confidentiality
- low
- Integrity
- low
- Availability
- none
- Weaknesses
- CWE-426
Metadata
- Primary Vendor
- IBM
- Published
- 2/5/2026
- Last Modified
- 2/5/2026
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
IBM : Awaiting Analysis
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.