Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Sterling_b2b_integrator
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 152 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-12-07 | CVE-2017-1482 | IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128620. | Sterling_b2b_integrator | 5.4 | ||
| 2017-12-07 | CVE-2017-1481 | IBM Sterling B2B Integrator Standard Edition 5.2 allows a user to view sensitive information that belongs to another user. IBM X-Force ID: 128619. | Sterling_b2b_integrator | 4.3 | ||
| 2017-06-23 | CVE-2017-1349 | IBM Sterling B2B Integrator Standard Edition 5.2 stores potentially sensitive information from HTTP sessions that could be read by a local user. IBM X-Force ID: 126525. | Sterling_b2b_integrator | 5.5 | ||
| 2017-06-23 | CVE-2017-1348 | IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126524. | Sterling_b2b_integrator | 5.4 | ||
| 2017-06-23 | CVE-2017-1347 | IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 126462. | Sterling_b2b_integrator | 8.8 | ||
| 2017-06-23 | CVE-2017-1302 | IBM Sterling B2B Integrator Standard Edition 5.2 could allow a local user view sensitive information due to improper access controls. IBM X-Force ID: 125456. | Sterling_b2b_integrator | 5.5 | ||
| 2017-06-23 | CVE-2017-1193 | IBM Sterling B2B Integrator Standard Edition 5.2 could allow user to obtain sensitive information using an HTTP GET request. IBM X-Force ID: 123667. | Sterling_b2b_integrator | 6.5 | ||
| 2017-08-10 | CVE-2017-1192 | IBM Sterling B2B Integrator 5.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 123663. | Sterling_b2b_integrator | 8.2 | ||
| 2017-08-10 | CVE-2017-1174 | IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 123296. | Sterling_b2b_integrator | 8.8 | ||
| 2017-06-23 | CVE-2017-1132 | IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 121418. | Sterling_b2b_integrator | 5.4 |