CVE-2026-5515 PUBLISHED

IBM App Connect Enterprise is vulnerable to a confidential disclosure

Assigner: ibm
Reserved: 03.04.2026 Published: 27.05.2026 Updated: 27.05.2026

IBM App Connect Enterprise 13.0.1.0 through 13.0.7.0 stores potentially sensitive information in log files that could be read by a local user.

Metrics

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVSS Score: 5.5

Product Status

Vendor IBM
Product App Connect Enterprise
Versions
  • affected from 13.0.1.0 to 13.0.7.0 (incl.)

Solutions

IBM strongly recommends addressing the vulnerability/vulnerabilities now by applying the appropriate fix to IBM App Connect Enterprise

Affected Product(s)Version(s)APARRemediation / FixesIBM App Connect Enterprise13.0.1.0 - 13.0.7.0IT49227

The APAR (IT49227) is available from

IBM App Connect Enterprise v13- Fix Pack Release 13.0.7.1 https://www.ibm.com/support/pages/download-ibm-app-connect-enterprise-13071

References