CVE-2025-13490
Cleartext Data Transmission Vulnerability in IBM App Connect Containers
Publication date: 2026-03-03
Last updated on: 2026-03-04
Assigner: IBM Corporation
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ibm | app_connect_enterprise_certified_containers_operands | 12.0.11.2 |
| ibm | app_connect_enterprise_certified_containers_operands | 12.0.11.3 |
| ibm | app_connect_enterprise_certified_containers_operands | 12.0.12 |
| ibm | app_connect_enterprise_certified_containers_operands | 12.0.12.0 |
| ibm | app_connect_enterprise_certified_containers_operands | 12.0.12.2 |
| ibm | app_connect_enterprise_certified_containers_operands | 12.0.12.3 |
| ibm | app_connect_enterprise_certified_containers_operands | 12.0.12.4 |
| ibm | app_connect_enterprise_certified_containers_operands | 12.0.12.5 |
| ibm | app_connect_enterprise_certified_containers_operands | 13.0.1.0 |
| ibm | app_connect_enterprise_certified_containers_operands | 13.0.1.1 |
| ibm | app_connect_enterprise_certified_containers_operands | 13.0.2.0 |
| ibm | app_connect_enterprise_certified_containers_operands | 13.0.2.1 |
| ibm | app_connect_enterprise_certified_containers_operands | 13.0.2.2 |
| ibm | app_connect_enterprise_certified_containers_operands | 13.0.3.0 |
| ibm | app_connect_enterprise_certified_containers_operands | 13.0.3.1 |
| ibm | app_connect_enterprise_certified_containers_operands | 13.0.4.0 |
| ibm | app_connect_enterprise_certified_containers_operands | 13.0.4.1 |
| ibm | app_connect_enterprise_certified_containers_operands | 13.0.4.2 |
| ibm | app_connect_enterprise_certified_containers_operands | 13.0.5.0 |
| ibm | app_connect_enterprise_certified_containers_operands | 13.0.5.1 |
| ibm | app_connect_enterprise_certified_containers_operands | 13.0.5.2 |
| ibm | app_connect_enterprise_certified_containers_operands | 13.0.6.0 |
| ibm | app_connect_enterprise_certified_containers_operands | 13.0.6.1 |
| ibm | app_connect_operator | From 11.3.0 (inc) to 11.6.0 (inc) |
| ibm | app_connect_operator | From 12.0.0 (inc) to 12.0.20 (inc) |
| ibm | app_connect_operator | From 12.1.0 (inc) to 12.20.1 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-319 | The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-13490 is a vulnerability in IBM App Connect Enterprise Certified Container products where data is transmitted in clear text. This means that sensitive information sent by the container to a Prometheus instance within an OpenShift cluster is not encrypted.
Because the data is unencrypted, an attacker could potentially intercept this information using man-in-the-middle (MITM) techniques, leading to a loss of confidentiality.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The vulnerability involves IBM App Connect Enterprise Certified Container transmitting metrics data in clear text over the network, which can be intercepted via man-in-the-middle attacks.
To detect this vulnerability on your network or system, you can monitor network traffic for unencrypted Prometheus metrics data being sent from IBM App Connect Enterprise Certified Container components within an OpenShift cluster.
Commands to help detect this include using network packet capture tools such as tcpdump or Wireshark to inspect traffic on the relevant ports (typically Prometheus metrics ports, e.g., 9090 or custom configured ports). For example:
- tcpdump -i <interface> port 9090 -w capture.pcap
- Followed by analyzing the capture with Wireshark to check if the metrics data is transmitted in clear text (unencrypted HTTP rather than HTTPS).
Additionally, checking the configuration of the IBM App Connect Enterprise Certified Container Operator and its components to verify if metrics reporting is enabled and whether encryption is configured can help identify vulnerable setups.
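The cleartext check described in the answer above, as an added example written for this page (it is not IBM's code and not from the page itself): it classifies the first bytes of a captured TCP stream payload as TLS or cleartext HTTP and flags payloads that carry Prometheus text-format metrics without encryption. The sample payloads and the metric name are constructed; extracting stream payloads from the tcpdump capture is assumed to be done separately with a pcap tool of your choice.

```python
"""Flag Prometheus metrics travelling over cleartext HTTP in captured TCP payloads.

Added example for this CVE page; not IBM code. Input is assumed to be the
first bytes of each TCP stream payload, already extracted from a capture.
"""
import re

# A TLS record starts with content type 0x16 (handshake) or 0x17 (application
# data) followed by a 0x03 0x0X record-layer version.
TLS_CONTENT_TYPES = {0x16, 0x17}

HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"OPTIONS ")

# Prometheus text exposition sample line: name{labels} value [timestamp]
PROM_SAMPLE = re.compile(
    rb"^[A-Za-z_:][A-Za-z0-9_:]*(\{[^}]*\})?\s+-?[0-9.eE+-]+(\s+[0-9]+)?\s*$", re.M
)

def classify_payload(data: bytes) -> str:
    """Return 'tls', 'http-cleartext' or 'unknown' for the start of a stream."""
    if len(data) >= 3 and data[0] in TLS_CONTENT_TYPES and data[1] == 0x03 and data[2] <= 0x04:
        return "tls"
    if data.startswith(HTTP_METHODS) or data.startswith(b"HTTP/1."):
        return "http-cleartext"
    return "unknown"

def contains_prometheus_metrics(data: bytes) -> bool:
    """True when the payload carries Prometheus text-format metric lines."""
    return b"# HELP " in data or b"# TYPE " in data or PROM_SAMPLE.search(data) is not None

def flag_cleartext_metrics(payloads) -> list:
    """Indexes of payloads that expose metrics without TLS (the CWE-319 condition)."""
    return [i for i, p in enumerate(payloads)
            if classify_payload(p) == "http-cleartext" and contains_prometheus_metrics(p)]

# Constructed samples: a TLS 1.2 record header, a scrape request, a cleartext scrape response.
SAMPLE_TLS = bytes.fromhex("1603030039") + b"\x01\x00\x00\x35"
SAMPLE_REQUEST = b"GET /metrics HTTP/1.1\r\nHost: 10.0.0.5:9090\r\n\r\n"
SAMPLE_CLEARTEXT = (
    b"HTTP/1.1 200 OK\r\nContent-Type: text/plain; version=0.0.4\r\n\r\n"
    b"# HELP example_flow_messages_total Messages processed (constructed metric)\n"
    b"# TYPE example_flow_messages_total counter\n"
    b'example_flow_messages_total{server="is-1",flow="orders"} 42\n'
)

if __name__ == "__main__":
    print(flag_cleartext_metrics([SAMPLE_TLS, SAMPLE_REQUEST, SAMPLE_CLEARTEXT]))
```

A hit only shows that metrics left the pod unencrypted in your capture; it says nothing about whether anyone observed them, so treat it as confirmation that the upgrade in the mitigation answer applies to that deployment.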
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation for this vulnerability is to upgrade affected IBM App Connect Operator and IBM App Connect Enterprise Certified Container components to fixed versions that address the issue.
- For Continuous Delivery (CD) versions up to 12.20.1, upgrade the App Connect Enterprise Certified Container Operator to version 12.21.0 or higher.
- Ensure all DesignerAuthoring, IntegrationServer, and IntegrationRuntime components are upgraded to version 13.0.6.2-r1 or higher.
- For Long Term Support (LTS) versions 12.0.x, upgrade the App Connect Enterprise Certified Container Operator to version 12.0.21 or higher.
- Ensure all DesignerAuthoring, IntegrationServer, and IntegrationRuntime components are upgraded to version 12.0.12-r21 or higher.
No workarounds or alternative mitigations are provided, so upgrading to the fixed versions is the recommended immediate action.
How can this vulnerability impact me?
This vulnerability can impact you by exposing sensitive data transmitted by IBM App Connect Enterprise Certified Container to interception by attackers.
- Attackers can perform man-in-the-middle attacks to capture unencrypted metrics data.
- This leads to a confidentiality breach, potentially exposing sensitive information.
The vulnerability has a CVSS v3.1 base score of 5.9, indicating a medium severity with high confidentiality impact but no impact on integrity or availability.