Vulnerability Details CVE-2026-3602
IBM App Connect Enterprise 13.0.1.0 through 13.0.7.2, and 12.0.1.0 through 12.0.12.26 and IBM Integration Bus for z/OS 10.1.0.0 through 10.1.0.7 is vulnerable to SQL injection. A remote attacker could socially engineer a user into accidentally creating files they may not be aware of.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 8.1%
CVSS Severity
CVSS v3 Score 4.7
Products affected by CVE-2026-3602
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.1.0
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.10.0
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.11.0
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.11.1
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.11.2
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.11.3
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.12.0
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.12.1
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.12.10
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.12.17
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.12.2
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.12.3
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.12.4
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.12.5
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.12.6
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.12.7
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.12.8
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.12.9
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.2.0
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.3.0
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.4.0
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.5.0
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.6.0
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.7.0
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.8.0
-
cpe:2.3:a:ibm:app_connect_enterprise:12.0.9.0
-
cpe:2.3:a:ibm:app_connect_enterprise:13.0.1.0
-
cpe:2.3:a:ibm:app_connect_enterprise:13.0.1.1
-
cpe:2.3:a:ibm:app_connect_enterprise:13.0.2.0
-
cpe:2.3:a:ibm:app_connect_enterprise:13.0.2.1
-
cpe:2.3:a:ibm:app_connect_enterprise:13.0.2.2
-
cpe:2.3:a:ibm:app_connect_enterprise:13.0.3.0
-
cpe:2.3:a:ibm:app_connect_enterprise:13.0.3.1
-
cpe:2.3:a:ibm:app_connect_enterprise:13.0.4.0
-
cpe:2.3:a:ibm:app_connect_enterprise:13.0.4.1
-
cpe:2.3:a:ibm:app_connect_enterprise:13.0.4.2
-
cpe:2.3:a:ibm:app_connect_enterprise:13.0.5.0
-
cpe:2.3:a:ibm:app_connect_enterprise:13.0.5.1
-
cpe:2.3:a:ibm:app_connect_enterprise:13.0.5.2
-
cpe:2.3:a:ibm:app_connect_enterprise:13.0.6.0
-
cpe:2.3:a:ibm:app_connect_enterprise:13.0.6.1
-
cpe:2.3:a:ibm:app_connect_enterprise:13.0.6.2
-
cpe:2.3:a:ibm:app_connect_enterprise:13.0.7.0
-
cpe:2.3:a:ibm:app_connect_enterprise:13.0.7.1
-
cpe:2.3:a:ibm:app_connect_enterprise:13.0.7.2
-
cpe:2.3:a:ibm:integration_bus:10.1.0.2
-
cpe:2.3:a:ibm:integration_bus:10.1.0.3
-