The Change Password feature in IBM Sterling B2B Integrator 5.2.x up to and including 5.2.4 does not have a lockout protection mechanism for invalid login requests, which makes it easier for remote malicious users to obtain admin access via a brute-force approach.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm sterling b2b integrator 5.2.4 |
||
ibm sterling b2b integrator 5.2 |