CVE-2025-13490
moderate-risk
Published 2026-03-03
IBM App Connect Operator versions CD 11.3.0 through 11.6.0 and 12.1.0 through 12.20.0, LTS versions 12.0.0 through 12.0.20, and IBM App Connect Enterprise Certified Containers Operands versions CD 12.0.11.2‑r1 through 12.0.12.5‑r1 and 13.0.1.0‑r1 through 13.0.6.1‑r1, and LTS versions 12.0.12‑r1 through 12.0.12‑r20, contain a vulnerability in which the IBM App Connect Enterprise Certified Container transmits data in clear text, potentially allowing an attacker to intercept and obtain sensitive information through man‑in‑the‑middle techniques.
Do I need to act?
-
0.01% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.9/10
Medium
NETWORK
/ HIGH complexity
Affected Products (20)
App Connect Enterprise Certified Containers Operands
App Connect Enterprise Certified Containers Operands
App Connect Enterprise Certified Containers Operands
App Connect Enterprise Certified Containers Operands
App Connect Enterprise Certified Containers Operands
App Connect Enterprise Certified Containers Operands
App Connect Enterprise Certified Containers Operands
App Connect Enterprise Certified Containers Operands
App Connect Enterprise Certified Containers Operands
App Connect Enterprise Certified Containers Operands
App Connect Enterprise Certified Containers Operands
App Connect Enterprise Certified Containers Operands
App Connect Enterprise Certified Containers Operands
App Connect Enterprise Certified Containers Operands
App Connect Enterprise Certified Containers Operands
App Connect Enterprise Certified Containers Operands
App Connect Enterprise Certified Containers Operands
App Connect Enterprise Certified Containers Operands
App Connect Enterprise Certified Containers Operands
App Connect Enterprise Certified Containers Operands
Affected Vendors
References (1)
Vendor Advisory
https://www.ibm.com/support/pages/node/7262271
43
/ 100
moderate-risk
Severity
18/34 · Moderate
Exploitability
0/34 · Minimal
Exposure
25/34 · High