IBM Sterling B2B Integrator SQL Injection Vulnerability (CNVD-2022-61906)

2022-08-1900:00:00

China National Vulnerability Database

www.cnvd.org.cn

0.001 Low

EPSS

Percentile

44.9%

JSON

IBM Sterling B2B Integrator is a suite of software from IBM USA that integrates important B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with different partner communities.IBM Sterling B2B Integrator Standard Edition has a SQL injection vulnerability, which stems from the application’s lack of validation of externally entered SQL statements. An attacker could exploit the vulnerability to execute illegal SQL commands to steal sensitive database data.

CPENameOperatorVersion
IBM Sterling B2B Integrator Standard Edition >=6.0.0.0，<6.eq0.3.6
IBM Sterling B2B Integrator Standard Edition >=6.1.0.0，<6.eq1.0.5
IBM Sterling B2B Integrator Standard Edition >=6.1.1.0，<6.eq1.1.2

Name	Operator	Version
IBM Sterling B2B Integrator Standard Edition >=6.0.0.0，<6.	eq	0.3.6
IBM Sterling B2B Integrator Standard Edition >=6.1.0.0，<6.	eq	1.0.5
IBM Sterling B2B Integrator Standard Edition >=6.1.1.0，<6.	eq	1.1.2

0.001 Low

EPSS

Percentile

44.9%

JSON

Related for CNVD-2022-61906