IBM App Connect Enterprise Certified Container 4.1, 4.2, 5.0, 5.1, 5.2, 6.0, 6.1, and 6.2 could disclose sensitive information to an attacker due to a weak hash of an API Key in the configuration. IBM X-Force ID: 241583.
The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| App_connect_enterprise_certified_container | Ibm | 4.1 (including) | 4.1 (including) |
| App_connect_enterprise_certified_container | Ibm | 4.2 (including) | 4.2 (including) |
| App_connect_enterprise_certified_container | Ibm | 5.0 (including) | 5.0 (including) |
| App_connect_enterprise_certified_container | Ibm | 5.1 (including) | 5.1 (including) |
| App_connect_enterprise_certified_container | Ibm | 5.2 (including) | 5.2 (including) |
| App_connect_enterprise_certified_container | Ibm | 6.0 (including) | 6.0 (including) |
| App_connect_enterprise_certified_container | Ibm | 6.1 (including) | 6.1 (including) |
| App_connect_enterprise_certified_container | Ibm | 6.2 (including) | 6.2 (including) |