Lucene search
IbmCVE-2023-42010HistoryJul 17, 2024 - 6:15 p.m.
CVE-2023-42010
2024-07-1718:15:03
CWE-497
ibm
web.nvd.nist.gov
34
ibm
sterling b2b integrator
information disclosure
http response
man in the middle
CVSS3
3.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
AI Score
3.4
Confidence
High
EPSS
0
Percentile
9.3%
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 could disclose sensitive information in the HTTP response using man in the middle techniques. IBM X-Force ID: 265507.
Affected configurations
Node
ibmsterling_b2b_integratorRange6.0.0.0–6.1.2.5standard
ORibmsterling_b2b_integratorRange6.2.0.0–6.2.0.2standard
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | sterling_b2b_integrator | * | cpe:2.3:a:ibm:sterling_b2b_integrator:*:*:*:*:standard:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Sterling B2B Integrator Standard Edition",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "6.1.2.5",
"status": "affected",
"version": "6.0.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.0.2",
"status": "affected",
"version": "6.2.0.0",
"versionType": "semver"
}
]
}
]
CVSS3
3.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
AI Score
3.4
Confidence
High
EPSS
0
Percentile
9.3%
Related for CVE-2023-42010