Security Bulletin: Dashboard of IBM Sterling B2B Integrator is vulnerable to cross-site scripting (CVE-2022-22352)

Summary IBM Sterling B2B Integrator has addressed the cross-site scripting vulnerability in Dashboard. Vulnerability Details CVEID:CVE-2022-22352 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary...

Security Bulletin: IBM Sterling B2B Integrator Dashboard UI is vulnerable to sensitive information exposure (CVE-2021-39087)

Summary IBM Sterling B2B Integrator dashboard UI has addressed a sensitive information exposure security vulnerability. Vulnerability Details CVEID:CVE-2021-39087 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition could allow an authenticated user to obtain sensitive information due to...

Security Bulletin: IBM Sterling File Gateway is vulnerable to information disclosure (CVE-2021-39086)

Summary IBM Sterling File Gateway has addressed the an information discloure vulnerability. Vulnerability Details CVEID:CVE-2021-39086 DESCRIPTION: IBM Sterling File Gateway could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the...

Security Bulletin: IBM Sterling B2B Integrator Dashboard UI is vulner to SQL Injection (CVE-2021-39085)

Summary IBM Sterling B2B Integrator dashboard UI has addressed an SQL injection vulnerability. Vulnerability Details CVEID:CVE-2021-39085 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which...

Security Bulletin: IBM Sterling B2B Integrator is vulnerable to improper permission controls (CVE-2022-40232)

Summary IBM Sterling B2B Integrator has addressed the permission control security vulnerability Vulnerability Details CVEID:CVE-2022-40232 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition could allow an authenticated user to perform actions they should not have access to due to improper...

Security Bulletin: IBM Sterling B2B Integrator is vulnerable to denial of service due to Google Gson (CVE-2022-25647)

Summary IBM Sterling B2B Integrator has addressed a denial of service vulnerability in Google Gson. Vulnerability Details CVEID:CVE-2022-25647 DESCRIPTION: Google Gson is vulnerable to a denial of service, caused by the deserialization of untrusted data. By using the writeReplace method, a remote...

Information disclosure

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 could allow an authenticated user to obtain sensitive information due to improper permission controls. IBM X-Force ID: 216109...

CVE-2021-39086

IBM Sterling File Gateway 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the...

PT-2022-10883 · Ibm · Ibm Sterling B2B Integrator Standard Edition

Name of the Vulnerable Software and Affected Versions: IBM Sterling B2B Integrator Standard Edition versions 6.0.0.0 through 6.1.1.1 Description: The issue allows an authenticated user to obtain sensitive information due to improper permission controls. Recommendations: For versions 6.0.0.0 throu...

Security Bulletin: IBM Sterling B2B Integrator is vulnerable to permission control vulnerability (CVE-2022-22482)

Summary IBM Sterling B2B Integrator has addressed the vulnerability. Vulnerability Details CVEID: CVE-2022-22482 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition could allow an authenticated user to upload files that could fill up the filesystem and cause a denial of service. CVSS Base...

Security Bulletin: IBM Sterling B2B Integrator is vulnerable to information disclosure (CVE-2021-39033)

Summary IBM Sterling B2B Integrator is vulnerable to an information disclosure vulnerable that has been addressed. Vulnerability Details CVEID: CVE-2021-39033 DESCRIPTION: IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to obtain sensitive information when a detailed...

CVE-2014-8900

Cross-site request forgery CSRF vulnerability in IBM UrbanCode Release 6.0.1.6 and earlier, 6.1.0.7 and earlier, and 6.1.1.1 and earlier...