Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sterling b2b integrator vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2021-20376
IBM Sterling File Gateway 2.2.0.0 up to and including 6.1.1.0 could allow an authenticated malicious user to enumerate usernames due to there being an observable discrepancy in returned messages. IBM X-Force ID: 195568.
Ibm Sterling B2b Integrator
5.4
CVSSv3
CVE-2021-20571
IBM Sterling B2B Integrator 5.2.0.0 up to and including 6.1.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure wi...
Ibm Sterling B2b Integrator
5.4
CVSSv3
CVE-2018-1718
IBM Sterling B2B Integrator Standard Edition 5.2.0.1 - 5.2.6.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a t...
Ibm Sterling B2b Integrator
5.5
CVSSv3
CVE-2023-25682
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 up to and including 6.0.3.8 and 6.1.0.0 up to and including 6.1.2.1 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 247034.
Ibm Sterling B2b Integrator
8.8
CVSSv3
CVE-2019-4387
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 up to and including 6.0.2.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database...
Ibm Sterling B2b Integrator
6.5
CVSSv3
CVE-2022-22482
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 up to and including 6.0.3.5 and 6.1.0.0 up to and including 6.1.1.0 could allow an authenticated user to upload files that could fill up the filesystem and cause a denial of service. IBM X-Force ID: 225977.
Ibm Sterling B2b Integrator
7.5
CVSSv3
CVE-2021-38925
IBM Sterling B2B Integrator Standard Edition 5.2.0. 0 up to and including 6.1.1.0 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 210171.
Ibm Sterling B2b Integrator
4.3
CVSSv3
CVE-2023-42016
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 up to and including 6.0.3.8 and 6.1.0.0 up to and including 6.1.2.3 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a use...
Ibm Sterling B2b Integrator
4.3
CVSSv3
CVE-2017-1633
IBM Sterling B2B Integrator 5.2 up to and including 5.2.6 could allow an authenticated malicious user to obtain sensitive variable name information using specially crafted HTTP requests. IBM X-Force ID: 133180.
Ibm Sterling B2b Integrator
4.3
CVSSv3
CVE-2021-29760
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 up to and including 6.1.1.0 could allow an authenticated user to download unauthorized files through the dashboard user interface. IBM X-Force ID: 202213.
Ibm Sterling B2b Integrator
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »