Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm sterling b2b integrator 5.2 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2017-1174
IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database. IBM X-Force ID: 123296.
Ibm Sterling B2b Integrator 5.2
6.4
CVSSv2
CVE-2017-1192
IBM Sterling B2B Integrator 5.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 123663.
Ibm Sterling B2b Integrator 5.2
5.8
CVSSv2
CVE-2015-7410
The Health Check tool in IBM Sterling B2B Integrator 5.2 does not properly use cookies in conjunction with HTTPS sessions, which allows man-in-the-middle malicious users to obtain sensitive information or modify data via unspecified vectors.
Ibm Sterling B2b Integrator 5.2
4.3
CVSSv2
CVE-2015-7431
Cross-site scripting (XSS) vulnerability in Queue Watcher in IBM Sterling B2B Integrator 5.2 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Ibm Sterling B2b Integrator 5.2
4
CVSSv2
CVE-2017-1131
IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user to obtain sensitive information by using unsupported, specially crafted HTTP commands. IBM X-Force ID: 121375.
Ibm Sterling B2b Integrator 5.2
4
CVSSv2
CVE-2017-1481
IBM Sterling B2B Integrator Standard Edition 5.2 allows a user to view sensitive information that belongs to another user. IBM X-Force ID: 128619.
Ibm Sterling B2b Integrator 5.2
3.5
CVSSv2
CVE-2017-1482
IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
Ibm Sterling B2b Integrator 5.2
3.5
CVSSv2
CVE-2015-4992
IBM Sterling B2B Integrator 5.2 prior to 5020500_8 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors.
Ibm Sterling B2b Integrator 5.2
4.3
CVSSv2
CVE-2016-3057
Cross-site scripting (XSS) vulnerability in IBM Sterling B2B Integrator 5.2 prior to 5020500_14 and 5.2 06 prior to 5020602_1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Ibm Sterling B2b Integrator 5.2
4
CVSSv2
CVE-2017-1326
IBM Sterling File Gateway does not properly restrict user requests based on permission level. This allows for users to update data related to other users, by manipulating the parameters passed in the POST request. IBM X-Force ID: 126060.
Ibm Sterling B2b Integrator 5.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298
CVE-2024-20356
CVE-2023-21987
CVE-2024-33217
bypass
CVE-2024-31804
CVE-2024-32660
unauthorized
SSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »