IBM
CVE-2025-13491
MEDIUM
Severity by source
AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Lifecycle Timeline
2DescriptionCVE.org
IBM App Connect Enterprise Certified Container up to 12.19.0 (Continuous Delivery) and 12.0 LTS (Long Term Support) could allow an attacker to access sensitive files or modify configurations due to an untrusted search path.
AnalysisAI
IBM App Connect Enterprise Certified Container versions up to 12.19.0 is affected by untrusted search path (CVSS 5.1).
Technical ContextAI
This vulnerability (CWE-426: Untrusted Search Path) affects IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container up to 12.19.0 (Continuous Delivery) and 12.0 LTS (Long Term Support) could allow an attacker to access sensitive files or modify configurations due to an untrusted search path.
Affected ProductsAI
Product: IBM App Connect Enterprise Certified Container. Versions: up to 12.19.0.
RemediationAI
Monitor vendor advisories for a patch.
Same weakness CWE-426 – Untrusted Search Path
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today