Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM34ADAC3074C692AD0C88B149B7FCC0010E0D0BD7AB27334EB52B0763DD4D53B5
HistoryFeb 05, 2020 - 12:53 a.m.

Security Bulletin: Cross-site Scripting Security Vulnerability Affects IBM Sterling B2B Integrator (CVE-2017-1482)

2020-02-0500:53:36
www.ibm.com
7

0.001 Low

EPSS

Percentile

26.3%

JSON

Summary

Cross-site scripting security vulnerability affects IBM Sterling B2B Integrator.

Vulnerability Details

CVEID: CVE-2017-1482**
DESCRIPTION:** IBM Sterling B2B Integrator Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Base Score: 5.4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/128620&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)

Affected Products and Versions

IBM Sterling B2B Integrator 5.2

Remediation/Fixes

Product & Version

| APAR|Remediation/Fix
—|—|—
IBM Sterling B2B Integrator 5.2| IT21241| Apply B2B Integrator fix pack 5020500_16, 5020601_9, 5020602_5 or 5020603_3 Fix Central

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm sterling b2b integratoreq5.2

Related

nvd 1
cvelist 1
cve 1
prion 1
nvd
nvd
CVE-2017-1482
2017-12-07 15:29:01
cvelist
cvelist
CVE-2017-1482
2017-11-29 00:00:00
cve
cve
CVE-2017-1482
2017-12-07 15:29:01
prion
prion
Cross site scripting
2017-12-07 15:29:00

0.001 Low

EPSS

Percentile

26.3%

JSON
Related for 34ADAC3074C692AD0C88B149B7FCC0010E0D0BD7AB27334EB52B0763DD4D53B5
nvd1cvelist1cve1prion1