IBM49ABBDAAAC56E2280174BD1CAE8143CEFD2EF2D8C5BDA01DC75BAB40D8253FC2Security Bulletin: HTTP verb tampering vulnerability affects IBM Sterling B2B Integrator (CVE-2017-1131)
0.001 Low
EPSS
Percentile
30.8%
Summary
IBM Sterling B2B Integrator Standard Edition could allow an authenticated user to obtain sensitive information by using unsupported, specially crafted HTTP commands.
Vulnerability Details
CVEID: CVE-2017-1131**
DESCRIPTION:** IBM Sterling B2B Integrator Standard Edition could allow an authenticated user to obtain sensitive information by using unsupported, specially crafted HTTP commands.
CVSS Base Score: 4.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/121375> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
Affected Products and Versions
IBM Sterling B2B Integrator 5.2
Remediation/Fixes
Product & Version
| APAR|Remediation/Fix
—|—|—
IBM Sterling B2B Integrator 5.2| IT18965| Apply B2B Integrator fix pack 5020500_16 or 5020603_2 on Fix Central
Workarounds and Mitigations
None
Related
0.001 Low
EPSS
Percentile
30.8%