Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Sterling_b2b_integrator
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 153 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-06-23 | CVE-2017-1193 | IBM Sterling B2B Integrator Standard Edition 5.2 could allow user to obtain sensitive information using an HTTP GET request. IBM X-Force ID: 123667. | Sterling_b2b_integrator | 6.5 | ||
| 2017-08-10 | CVE-2017-1192 | IBM Sterling B2B Integrator 5.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 123663. | Sterling_b2b_integrator | 8.2 | ||
| 2017-08-10 | CVE-2017-1174 | IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 123296. | Sterling_b2b_integrator | 8.8 | ||
| 2017-06-23 | CVE-2017-1132 | IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 121418. | Sterling_b2b_integrator | 5.4 | ||
| 2017-06-23 | CVE-2017-1131 | IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user to obtain sensitive information by using unsupported, specially crafted HTTP commands. IBM X-Force ID: 121375. | Sterling_b2b_integrator | 6.5 | ||
| 2017-06-22 | CVE-2016-9983 | IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user with special privileges to view files that they should not have access to. IBM X-Force ID: 120275. | Sterling_b2b_integrator | 5.3 | ||
| 2017-06-22 | CVE-2016-9982 | IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user to obtain sensitive information such as account lists due to improper access control. IBM X-Force ID: 120274. | Sterling_b2b_integrator | 6.5 | ||
| 2017-02-01 | CVE-2016-6020 | IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. | Sterling_b2b_integrator | 6.1 | ||
| 2017-06-23 | CVE-2016-5893 | IBM Sterling B2B Integrator Standard Edition 5.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 115336. | Sterling_b2b_integrator | 5.5 | ||
| 2016-11-30 | CVE-2016-5890 | IBM Sterling B2B Integrator 5.2 before 5020500_14 and 5.2 06 before 5020602_1 allows remote authenticated users to change arbitrary passwords via unspecified vectors. | Sterling_b2b_integrator | 5.3 |