CVE-2025-14604

IBM Storage Scale IBM S through rage Scale 5.2.3.0 - 5.2.3.5, and IBM S through rage Scale 6.0.0.0 - 6.0.0.1 could allow a local user to unintentionally trigger additional permissions for resources in a way that allows that resource to be executed by unintended actors...

IBM Storage Scale 安全漏洞

IBM Storage Scale is a storage solution offered by the American multinational company International Business Machines IBM. It aims to help businesses effectively manage and scale storage resources to meet growing data storage needs. Versions 5.2.3.0 to 5.2.3.5, as well as versions 6.0.0.0 to...

CVE-2025-2827

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 could disclose sensitive installation directory information to an authenticated user that could be used in further attacks against the system...

IBM Sterling B2B Integrator和IBM Sterling File Gateway 跨站脚本漏洞

IBM Sterling B2B Integrator and IBM Sterling File Gateway are both products of International Business Machines IBM.IBM Sterling B2B Integrator is a suite of software that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B...

IBM Sterling B2B Integrator和IBM Sterling File Gateway 跨站请求伪造漏洞

IBM Sterling B2B Integrator is a suite of software from International Business Machines IBM that integrates critical B2B processes, transactions and relationships. The software supports secure integration of complex B2B processes with different partner communities.IBM Sterling File Gateway is a...

Security Bulletin: IBM Sterling B2B Integrator is vulnerable to Cross-Site Scripting (CVE-2022-34330)

Summary IBM Sterling B2B Integrator has addressed the cross-site scripting vulnerability Vulnerability Details CVEID:CVE-2022-34330 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code i...

Security Bulletin: B2B API of IBM Sterling B2B Integrator is vulnerable to information disclosure (CVE-2022-22337)

Summary IBM Sterling B2B Integrator has addressed the information disclousre vulnerability in B2B API Vulnerability Details CVEID:CVE-2022-22337 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition could disclose sensitive information to an authenticated user. CVSS Base score: 4.3 CVSS...

Security Bulletin: Dashboard of IBM Sterling B2B Integrator is vulnerable to cross-site scripting (CVE-2022-22352)

Summary IBM Sterling B2B Integrator has addressed the cross-site scripting vulnerability in Dashboard. Vulnerability Details CVEID:CVE-2022-22352 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary...

Security Bulletin: IBM Sterling B2B Integrator Dashboard UI is vulnerable to sensitive information exposure (CVE-2021-39087)

Summary IBM Sterling B2B Integrator dashboard UI has addressed a sensitive information exposure security vulnerability. Vulnerability Details CVEID:CVE-2021-39087 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition could allow an authenticated user to obtain sensitive information due to...

Security Bulletin: IBM Sterling File Gateway is vulnerable to information disclosure (CVE-2021-39086)

Summary IBM Sterling File Gateway has addressed the an information discloure vulnerability. Vulnerability Details CVEID:CVE-2021-39086 DESCRIPTION: IBM Sterling File Gateway could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the...

Security Bulletin: IBM Sterling B2B Integrator Dashboard UI is vulner to SQL Injection (CVE-2021-39085)

Summary IBM Sterling B2B Integrator dashboard UI has addressed an SQL injection vulnerability. Vulnerability Details CVEID:CVE-2021-39085 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which...

Security Bulletin: IBM Sterling B2B Integrator is affected by security vulnerability in OpenSSH

Summary IBM Sterling B2B Integrator is affected by security vulnerability in OpenSSH Vulnerability Details CVEID:CVE-2023-48795 DESCRIPTION: The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity chec...

Security Bulletin: IBM Sterling B2B Integrator is vulnerable to cross-site scripting (CVE-2024-31913 CVE-2024-31914)

Summary IBM Sterling B2B Integrator is vulnerable to cross-site scripting. Vulnerability Details CVEID:CVE-2024-31914 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the W...

CVE-2024-27263

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to obtain sensitive information from the dashboard UI using man in the middle techniques...

IBM Sterling Secure Proxy 安全漏洞

IBM Sterling Secure Proxy is an International Business Machines IBM application agent for securing file transfers in an organization's unprotected zone DMZ. A security vulnerability exists in IBM Sterling Secure Proxy versions 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, and 6.1.0.0, which stems from a...

Security Bulletin: IBM Sterling B2B Integrator is vulnerable to cross-site scripting (CVE-2023-32340 CVE-2023-50309)

Summary IBM Sterling B2B Integrator is vulnerable to cross-site scripting. Vulnerability Details CVEID:CVE-2023-32340 DESCRIPTION: IBM Sterling B2B Integrator is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the...

Security Bulletin: IBM Sterling B2B Integrator is vulnerable to information disclosure

Summary IBM Sterling B2B Integrator is vulnerable to information disclosure . Vulnerability Details CVEID:CVE-2024-27263 DESCRIPTION: IBM Sterling B2B Integrator could allow an authenticated user to obtain sensitive information from the dashboard UI using man in the middle techniques. CWE:CWE-300...

Security Bulletin: IBM B2B Sterling Integrator is affected by Fasterxml jackson-databind vulnerability to denial of service

Summary IBM B2B Sterling Integrator is affected by Fasterxml jackson-databind vulnerability to denial of service Vulnerability Details CVEID:CVE-2023-35116 DESCRIPTION: Fasterxml jackson-databind is vulnerable to a denial of service, caused by a stack-based overflow. By persuading a victim to ope...

Security Bulletin: IBM B2B Sterling Integrator is affected by Apache Axis vulnerability to server-side request forgery

Summary IBM B2B Sterling Integrator is affected by Apache Axis vulnerability to server-side request forgery. Vulnerability Details CVEID:CVE-2023-51441 DESCRIPTION: Apache Axis is vulnerable to server-side request forgery, caused by a improper input validation by the service admin HTTP API. By...

Security Bulletin: IBM Sterling B2B Integrator is affected by multiple vulnerabilities in Eclipse Jetty

Summary IBM Sterling B2B Integrator is affected by multiple vulnerabilities in Eclipse Jetty Vulnerability Details CVEID:CVE-2023-41900 DESCRIPTION: Eclipse Jetty could allow a remote authenticated attacker to bypass security restrictions, caused by improper authentication validation when using t...