CVE-2026-3602

medium

Description

IBM App Connect Enterprise 13.0.1.0 through 13.0.7.2, and 12.0.1.0 through 12.0.12.26 and IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.7 is vulnerable to SQL injection. A remote attacker could socially engineer a user into accidentally creating files they may not be aware of.

References

https://www.ibm.com/support/pages/node/7278350

Details

Source: Mitre, NVD

Published: 2026-06-30

Updated: 2026-07-01

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:L/AC:H/Au:N/C:N/I:C/A:N

Severity: Medium

CVSS v3

Base Score: 4.7

Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

Severity: Medium

EPSS

EPSS: 0.00161