Lucene search

[email protected]CVE-2013-0560

HistoryJul 03, 2013 - 1:54 p.m.

CVE-2013-0560

2013-07-0313:54:00

CWE-89

[email protected]

web.nvd.nist.gov

sql injection

ibm

sterling b2b integrator

sterling file gateway

cve-2013-0560

8.2 High

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

52.7%

JSON

Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2012-5766.

CPENameOperatorVersion
ibm:sterling_b2b_integratoribm sterling b2b integratoreq5.2
ibm:sterling_b2b_integratoribm sterling b2b integratoreq5.1
ibm:sterling_file_gatewayibm sterling file gatewayeq2.1
ibm:sterling_file_gatewayibm sterling file gatewayeq2.2

CPE	Name	Operator	Version
ibm:sterling_b2b_integrator	ibm sterling b2b integrator	eq	5.2
ibm:sterling_b2b_integrator	ibm sterling b2b integrator	eq	5.1
ibm:sterling_file_gateway	ibm sterling file gateway	eq	2.1
ibm:sterling_file_gateway	ibm sterling file gateway	eq	2.2

References

www-01.ibm.com/support/docview.wss?uid=swg21640830

exchange.xforce.ibmcloud.com/vulnerabilities/83012

8.2 High

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

52.7%

JSON

Related for CVE-2013-0560

cvelist2 prion2 cve1 ibm1