发布日期：2025-03-12
更新日期：2025-05-23

受影响系统：

IBM App Connect Enterprise Certified Container 9.2
IBM App Connect Enterprise Certified Container 9.1
IBM App Connect Enterprise Certified Container 9.0
IBM App Connect Enterprise Certified Container 8.2
IBM App Connect Enterprise Certified Container 8.1
IBM App Connect Enterprise Certified Container 8.0
IBM App Connect Enterprise Certified Container 7.2
IBM App Connect Enterprise Certified Container 12.8
IBM App Connect Enterprise Certified Container 12.7
IBM App Connect Enterprise Certified Container 12.6
IBM App Connect Enterprise Certified Container 12.5
IBM App Connect Enterprise Certified Container 12.4
IBM App Connect Enterprise Certified Container 12.3
IBM App Connect Enterprise Certified Container 12.2
IBM App Connect Enterprise Certified Container 12.1
IBM App Connect Enterprise Certified Container 12.0
IBM App Connect Enterprise Certified Container 11.6
IBM App Connect Enterprise Certified Container 11.5
IBM App Connect Enterprise Certified Container 11.4
IBM App Connect Enterprise Certified Container 11.3
IBM App Connect Enterprise Certified Container 11.2
IBM App Connect Enterprise Certified Container 11.1
IBM App Connect Enterprise Certified Container 11.0
IBM App Connect Enterprise Certified Container 10.1
IBM App Connect Enterprise Certified Container 10.0

描述：

---

CVE(CAN) ID: CVE-2024-52362

IBM App Connect Enterprise Certified Container是美国国际商业机器（IBM）公司的一个基于IBM App Connect Enterprise软件产品的映像，以可执行文件的形式提供软件包，可以在容器化环境中部署和运行。
IBM App Connect Enterprise Certified Container多个版本存在输入句法正确性验证错误漏洞，该漏洞源于程序未正确验证服务端输入，经过身份认证的攻击者可利用该漏洞导致应用连接流程拒绝服务。

<**>

建议：

---

厂商补丁：

IBM
---
目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：
https://www.ibm.com/support/pages/node/7185527

浏览次数：42
严重程度：0（网友投票）