{"api_version":"1","generated_at":"2026-05-30T02:20:58+00:00","cve":"CVE-2022-22404","urls":{"html":"https://cve.report/CVE-2022-22404","api":"https://cve.report/api/cve/CVE-2022-22404.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-22404","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-22404"},"summary":{"title":"CVE-2022-22404","description":"IBM App Connect Enterprise Certified Container Dashboard UI (IBM App Connect Enterprise Certified Container 1.5, 2.0, 2.1, 3.0, and 3.1) may be vulnerable to denial of service due to excessive rate limiting.","state":"PUBLIC","assigner":"psirt@us.ibm.com","published_at":"2022-04-01 17:15:00","updated_at":"2022-04-08 16:58:00"},"problem_types":["CWE-770"],"metrics":[],"references":[{"url":"https://www.ibm.com/support/pages/node/6568359","name":"https://www.ibm.com/support/pages/node/6568359","refsource":"CONFIRM","tags":[],"title":"Security Bulletin: IBM App Connect Enterprise Certified Container Dashboards may be vulnerable to denial of service due to CVE-2022-22404","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/222575","name":"ibm-appconnect-cve202222404-dos (222575)","refsource":"XF","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-22404","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22404","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"22404","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ibm","cpe5":"app_connect_enterprise_certified_container","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"description":{"description_data":[{"value":"IBM App Connect Enterprise Certified Container Dashboard UI (IBM App Connect Enterprise Certified Container 1.5, 2.0, 2.1, 3.0, and 3.1) may be vulnerable to denial of service due to excessive rate limiting.","lang":"eng"}]},"CVE_data_meta":{"ID":"CVE-2022-22404","ASSIGNER":"psirt@us.ibm.com","STATE":"PUBLIC","DATE_PUBLIC":"2022-03-31T00:00:00"},"data_type":"CVE","references":{"reference_data":[{"name":"https://www.ibm.com/support/pages/node/6568359","title":"IBM Security Bulletin 6568359 (App Connect Enterprise Certified Container)","refsource":"CONFIRM","url":"https://www.ibm.com/support/pages/node/6568359"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/222575","refsource":"XF","title":"X-Force Vulnerability Report","name":"ibm-appconnect-cve202222404-dos (222575)"}]},"data_version":"4.0","affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"App Connect Enterprise Certified Container","version":{"version_data":[{"version_value":"1.5"},{"version_value":"2.0"},{"version_value":"2.1"},{"version_value":"3.0"},{"version_value":"3.1"}]}}]},"vendor_name":"IBM"}]}},"problemtype":{"problemtype_data":[{"description":[{"value":"Denial of Service","lang":"eng"}]}]},"data_format":"MITRE","impact":{"cvssv3":{"BM":{"A":"H","PR":"L","S":"U","AV":"N","UI":"N","AC":"L","SCORE":"6.500","I":"N","C":"N"},"TM":{"RC":"C","RL":"O","E":"U"}}}},"nvd":{"publishedDate":"2022-04-01 17:15:00","lastModifiedDate":"2022-04-08 16:58:00","problem_types":["CWE-770"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":6.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:N/A:P","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL","baseScore":4},"severity":"MEDIUM","exploitabilityScore":8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:ibm:app_connect_enterprise_certified_container:*:*:*:*:*:*:*:*","versionEndExcluding":"4.0.0","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2022","CveId":"22404","Ordinal":"224745","Title":"CVE-2022-22404","CVE":"CVE-2022-22404","Year":"2022"},"notes":[{"CveYear":"2022","CveId":"22404","Ordinal":"1","NoteData":"** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.","Type":"Description","Title":null}]}}}