Skip to main content

IBM App Connect Enterprise CVE-2026-5515

| EUVDEUVD-2026-32461 MEDIUM
Insecure Storage of Sensitive Information (CWE-922)
2026-05-27 psirt@us.ibm.com GHSA-j8w4-g6qh-7pq3
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
Analysis Generated
May 27, 2026 - 21:20 vuln.today

DescriptionCVE.org

IBM App Connect Enterprise 13.0.1.0 through 13.0.7.0 stores potentially sensitive information in log files that could be read by a local user.

AnalysisAI

Sensitive information disclosure in IBM App Connect Enterprise 13.0.1.0 through 13.0.7.0 exposes potentially sensitive data via log files accessible to local users. The CVSS vector (AV:L/PR:L) confirms exploitation requires local, low-privileged authenticated access, limiting the attack surface to users already present on the system. No public exploit has been identified and CISA SSVC rates exploitation as none, but the confidentiality impact is rated High, meaning successful access to log files could yield significant sensitive data.

Technical ContextAI

IBM App Connect Enterprise (ACE) is an enterprise integration platform used to connect applications and data across hybrid cloud environments. The vulnerability stems from the platform writing potentially sensitive information - such as credentials, tokens, or internal configuration data - into application log files without adequate sanitization or access restriction. The CWE classification was not assigned by NVD, but the behavior is consistent with CWE-532 (Insertion of Sensitive Information into Log File). The affected version range is 13.0.1.0 through 13.0.7.0 per EUVD-2026-32461. No CPE strings were provided in the source data.

RemediationAI

The primary remediation is to apply the vendor-supplied fix documented in the IBM security advisory at https://www.ibm.com/support/pages/node/7272270. An exact patched version number was not included in the available source data, so administrators should consult the advisory directly to confirm the target upgrade version. As a compensating control prior to patching, restrict read permissions on ACE log directories to only the service account running ACE and authorized administrators - this directly addresses the local user read path exploited by this vulnerability. Additionally, review and reduce log verbosity settings to avoid writing sensitive fields (credentials, tokens) to logs where feasible, noting that reducing verbosity may impact troubleshooting capability. Rotate any credentials or tokens that may have been captured in existing log files on affected systems.

Share

CVE-2026-5515 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy