CVE-2025-13491 (GCVE-0-2025-13491)

Vulnerability from cvelistv5 – Published: 2026-02-05 13:55 – Updated: 2026-02-05 14:46
Title
IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to loss of confidentiality []
Summary
IBM App Connect Enterprise Certified Container up to 12.19.0 (Continuous Delivery) and 12.0 LTS (Long Term Support) could allow an attacker to access sensitive files or modify configurations due to an untrusted search path.
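CWE
CWE-426 Untrusted Search Path
Assigner
ibm
References
https://www.ibm.com/support/pages/node/7259746 (vendor-advisory, patch)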
Impacted products
Vendor: IBM
Product: App Connect Operator
Affected: CD:11.2.0 , ≤ 11.6.0, 12.1.0 - 12.19.012.0 (semver)
Affected: LTS:12.0.0 - 12.0.19
    cpe:2.3:a:ibm:app_connect_operator:cd:11.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:app_connect_operator:11.6.0:*:*:*:*:*:*:*
Vendor: IBM
Product: App Connect EnterpriseCertified Containers Operands
Affected: CD:12.0.11.1 , ≤ r1 - 12.0.12.5-r1, 13.0.1.0-r1 - 13.0.6.0-r112.0 (semver)
Affected: LTS:12.0.12-r1 - 12.0.12-r19
    cpe:2.3:a:ibm:app_connect_enterprisecertified_containers_operands:cd:12.0.11.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:app_connect_enterprisecertified_containers_operands:r1:*:*:*:*:*:*:*

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-13491",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-05T14:46:00.445395Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-05T14:46:23.152Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:ibm:app_connect_operator:cd:11.2.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:app_connect_operator:11.6.0:*:*:*:*:*:*:*"
          ],
          "product": "App Connect Operator",
          "vendor": "IBM",
          "versions": [
            {
              "lessThanOrEqual": "11.6.0, 12.1.0 - 12.19.012.0",
              "status": "affected",
              "version": "CD:11.2.0",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "LTS:12.0.0 - 12.0.19"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:ibm:app_connect_enterprisecertified_containers_operands:cd:12.0.11.1:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:app_connect_enterprisecertified_containers_operands:r1:*:*:*:*:*:*:*"
          ],
          "product": "App Connect EnterpriseCertified Containers Operands",
          "vendor": "IBM",
          "versions": [
            {
              "lessThanOrEqual": "r1 - 12.0.12.5-r1, 13.0.1.0-r1 - 13.0.6.0-r112.0",
              "status": "affected",
              "version": "CD:12.0.11.1",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "LTS:12.0.12-r1 - 12.0.12-r19"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cb\u003e\u0026nbsp; \u003c/b\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIBM App Connect Enterprise Certified Container\u0026nbsp;up to 12.19.0 (Continuous Delivery) and\u0026nbsp;\u003cstrong\u003e12.0 LTS (Long Term Support)\u003c/strong\u003e could allow an attacker to access sensitive files or modify configurations due to an untrusted search path.\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "IBM App Connect Enterprise Certified Container\u00a0up to 12.19.0 (Continuous Delivery) and\u00a012.0 LTS (Long Term Support) could allow an attacker to access sensitive files or modify configurations due to an untrusted search path."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-426",
              "description": "CWE-426 Untrusted Search Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-05T13:55:21.838Z",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://www.ibm.com/support/pages/node/7259746"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eIBM strongly suggests the following:\u003c/p\u003e\u003cp\u003e\u003cstrong\u003eApp Connect Enterprise Certified Container up to 12.19.0 (Continuous Delivery)\u003c/strong\u003e\u003c/p\u003e\u003cp\u003eUpgrade to App Connect Enterprise Certified Container Operator version 12.20.0 or higher, and ensure that all DesignerAuthoring components are at 13.0.6.1-r1 or higher. \u0026nbsp;Documentation on the upgrade process is available at \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/docs/en/app-connect/13.0?topic=releases-upgrading-operator\"\u003ehttps://www.ibm.com/docs/en/app-connect/13.0?topic=releases-upgrading-operator\u003c/a\u003e\u003c/p\u003e\u003cp\u003e\u003cbr\u003e\u003cstrong\u003eApp Connect Enterprise Certified Container 12.0 LTS (Long Term Support)\u003c/strong\u003e\u003c/p\u003e\u003cp\u003eUpgrade to App Connect Enterprise Certified Container Operator version 12.0.20 or higher, and ensure that all DesignerAuthoring components are at 12.0.12-r20 or higher. \u0026nbsp;Documentation on the upgrade process is available at \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/docs/en/app-connect/12.0?topic=umfpr-upgrading-operator-releases\"\u003ehttps://www.ibm.com/docs/en/app-connect/12.0?topic=umfpr-upgrading-operator-releases\u003c/a\u003e\u003c/p\u003e\u003cbr\u003e"
            }
          ],
          "value": "IBM strongly suggests the following:\n\nApp Connect Enterprise Certified Container up to 12.19.0 (Continuous Delivery)\n\nUpgrade to App Connect Enterprise Certified Container Operator version 12.20.0 or higher, and ensure that all DesignerAuthoring components are at 13.0.6.1-r1 or higher. \u00a0Documentation on the upgrade process is available at  https://www.ibm.com/docs/en/app-connect/13.0?topic=releases-upgrading-operator \n\n\nApp Connect Enterprise Certified Container 12.0 LTS (Long Term Support)\n\nUpgrade to App Connect Enterprise Certified Container Operator version 12.0.20 or higher, and ensure that all DesignerAuthoring components are at 12.0.12-r20 or higher. \u00a0Documentation on the upgrade process is available at  https://www.ibm.com/docs/en/app-connect/12.0?topic=umfpr-upgrading-operator-releases"
        }
      ],
      "title": "IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to loss of confidentiality []",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e\u003c/p\u003e\u003cdiv\u003e\u003cp\u003eDisable mapping assistance in the DesignerAuthoring component\u003c/p\u003e\u003c/div\u003e\u003cbr\u003e\u003cp\u003e\u003c/p\u003e"
            }
          ],
          "value": "Disable mapping assistance in the DesignerAuthoring component"
        }
      ],
      "x_generator": {
        "engine": "ibm-cvegen"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2025-13491",
    "datePublished": "2026-02-05T13:55:21.838Z",
    "dateReserved": "2025-11-20T21:11:07.402Z",
    "dateUpdated": "2026-02-05T14:46:23.152Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}
