← volver
CVE-2025-0799

IBM App Connect Enterprise Arbitrary File Write

CVSS 6.5 MEDIUMEPSS 0.5%CWE-22
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 6.5EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
06 feb 2025Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
IBM App Connect enterprise 12.0.1.0 through 12.0.12.10 and 13.0.1.0 through 13.0.2.1 could allow an authenticated user to write to an arbitrary file on the system during bar configuration deployment due to improper pathname limitations on restricted directories.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N