{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2022-43916","assignerOrgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","state":"PUBLISHED","assignerShortName":"ibm","dateReserved":"2022-10-26T15:46:22.846Z","datePublished":"2025-01-30T12:04:47.259Z","dateUpdated":"2025-02-18T19:00:47.236Z"},"containers":{"cna":{"affected":[{"cpes":["cpe:2.3:a:ibm:app_connect_enterprise_certified_container:7.1:*:*:*:*:*:*:*","cpe:2.3:a:ibm:app_connect_enterprise_certified_container:7.2:*:*:*:*:*:*:*","cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.0:*:*:*:*:*:*:*","cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.1:*:*:*:*:*:*:*","cpe:2.3:a:ibm:app_connect_enterprise_certified_container:8.2:*:*:*:*:*:*:*","cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.0:*:*:*:*:*:*:*","cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.1:*:*:*:*:*:*:*","cpe:2.3:a:ibm:app_connect_enterprise_certified_container:9.2:*:*:*:*:*:*:*","cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.0:*:*:*:*:*:*:*","cpe:2.3:a:ibm:app_connect_enterprise_certified_container:10.1:*:*:*:*:*:*:*","cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.0:*:*:*:*:*:*:*","cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.1:*:*:*:*:*:*:*","cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.2:*:*:*:*:*:*:*","cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.3:*:*:*:*:*:*:*","cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.4:*:*:*:*:*:*:*","cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.5:*:*:*:*:*:*:*","cpe:2.3:a:ibm:app_connect_enterprise_certified_container:11.6:*:*:*:*:*:*:*","cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.0:*:*:*:*:*:*:*","cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.1:*:*:*:*:*:*:*","cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.2:*:*:*:*:*:*:*","cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.3:*:*:*:*:*:*:*","cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.4:*:*:*:*:*:*:*","cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.5:*:*:*:*:*:*:*","cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.6:*:*:*:*:*:*:*","cpe:2.3:a:ibm:app_connect_enterprise_certified_container:12.7:*:*:*:*:*:*:*"],"defaultStatus":"unaffected","product":"App Connect Enterprise Certified Container","vendor":"IBM","versions":[{"status":"affected","version":"7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, 12.7"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, and 12.7 Pods do not restrict network egress for Pods that are used for internal infrastructure.<br>"}],"value":"IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, 12.4, 12.5, 12.6, and 12.7 Pods do not restrict network egress for Pods that are used for internal infrastructure."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":6.8,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-923","description":"CWE-923 Improper Restriction of Communication Channel to Intended Endpoints","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","shortName":"ibm","dateUpdated":"2025-01-30T12:16:26.548Z"},"references":[{"tags":["vendor-advisory"],"url":"https://www.ibm.com/support/pages/node/7181916"}],"source":{"discovery":"UNKNOWN"},"title":"IBM App Connect Enterprise Certified Container improper communications restriction","x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-01-30T13:20:39.455687Z","id":"CVE-2022-43916","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-02-18T19:00:47.236Z"}}]}}