Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Sterling_b2b_integrator
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 152 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-10-07 | CVE-2021-20584 | IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote attacker to upload arbitrary files, caused by improper access controls. IBM X-Force ID: 199397. | Sterling_b2b_integrator | 7.5 | ||
| 2021-10-06 | CVE-2021-29798 | IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.1.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 203734. | Sterling_b2b_integrator | 9.8 | ||
| 2021-10-06 | CVE-2021-29836 | IBM Sterling B2B Integrator Standard Edition 5.2.0.0. through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204912. | Sterling_b2b_integrator | 5.4 | ||
| 2021-10-06 | CVE-2021-29837 | IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 204913. | Sterling_b2b_integrator | 8.8 | ||
| 2021-10-06 | CVE-2021-29855 | IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 205684. | Sterling_b2b_integrator | 5.4 | ||
| 2021-10-06 | CVE-2021-29903 | IBM Sterling B2B Integrator Standard Edition 5.2.6.0 through 6.1.1.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 207506. | Sterling_b2b_integrator | 9.8 | ||
| 2021-10-06 | CVE-2021-38925 | IBM Sterling B2B Integrator Standard Edition 5.2.0. 0 through 6.1.1.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 210171. | Sterling_b2b_integrator | 7.5 | ||
| 2021-10-06 | CVE-2021-29761 | IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated user to obtain sensitive information from the dashboard that they should not have access to. IBM X-Force ID: 202265. | Sterling_b2b_integrator | 4.3 | ||
| 2020-05-13 | CVE-2020-4312 | IBM Sterling B2B Integrator Standard Edition 5.2.0.0 trough 6.0.3.1 could allow an authenticated user to obtain sensitive information from a cached web page. IBM X-Force ID: 177089. | Sterling_b2b_integrator | 4.3 | ||
| 2021-01-05 | CVE-2020-4761 | IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 188895. | Sterling_b2b_integrator | 5.3 |