IBM62660926306422ECBC4CC6614C9F9B427047197A83B29624A4DF844F88F3500BSecurity Bulletin: SQL injection vulnerability affects IBM Sterling B2B Integrator (CVE-2017-1174)
0.001 Low
EPSS
Percentile
46.2%
Summary
IBM Sterling B2B Integrator Standard Edition is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
Vulnerability Details
CVEID: CVE-2017-1174**
DESCRIPTION:** IBM Sterling B2B Integrator Standard Edition is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
CVSS Base Score: 7.6
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/123296> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L)
Affected Products and Versions
IBM Sterling B2B Integrator 5.2
Remediation/Fixes
Product & Version
| APAR|Remediation/Fix
—|—|—
IBM Sterling B2B Integrator 5.2| IT20226| Apply B2B Integrator fix pack 5020603_2 or 5020602_4, 5020601_8 or 5020500_16 on Fix Central
Workarounds and Mitigations
None
Related
0.001 Low
EPSS
Percentile
46.2%