Security Bulletin: Security Vulnerability in Nimbus Jose JWT Affects IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2025-53864)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the security vulnerability in Nimbus Jose JWT Vulnerability Details CVEID:CVE-2025-53864 DESCRIPTION: Connect2id Nimbus JOSE + JWT 10.0.x before 10.0.2 and 9.37.x before 9.37.4 allows a remote attacker to cause a...

Security Bulletin: Security Vulnerability in Spring Security Affects IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2025-41248)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the security vulnerability in Spring Security Vulnerability Details CVEID:CVE-2025-41248 DESCRIPTION: The Spring Security annotation detection mechanism may not correctly resolve annotations on methods within type...

Security Bulletin: Security Vulnerability in Spring Boot Affects IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2025-22235)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the security vulnerability in Spring Boot Vulnerability Details CVEID:CVE-2025-22235 DESCRIPTION: EndpointRequest.to creates a matcher for null/ if the actuator endpoint, for which the EndpointRequest has been create...

Security Bulletin: Multiple Security Vulnerabilities in Spring Framework Affect IBM Sterling B2B Integrator and IBM Sterling File Gateway

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the security vulnerabilities in Spring Framework Vulnerability Details CVEID:CVE-2025-22233 DESCRIPTION: CVE-2024-38820 ensured Locale-independent, lowercase conversion for both the configured disallowedFields patter...

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable due to reflected XSS vulnerability in AFT (CVE-2026-0835)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed reflected XSS vulnerability Vulnerability Details CVEID:CVE-2026-0835 DESCRIPTION: IBM Sterling B2B Integrator and IBM Sterling File Gateway is vulnerable to cross-site scripting. This vulnerability allows an...

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are vulnerable due to improper permission check vulnerability in Zookeeper (CVE-2025-58457)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway are vulnerable due to improper permission check vulnerability in Zookeeper Vulnerability Details CVEID:CVE-2025-58457 DESCRIPTION: Improper permission check in ZooKeeper AdminServer lets authorized clients to run snapshot and resto...

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are vulnerable due to improper permission check vulnerability in Zookeeper (CVE-2025-58457)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway are vulnerable due to improper permission check vulnerability in Zookeeper Vulnerability Details CVEID:CVE-2025-58457 DESCRIPTION: Improper permission check in ZooKeeper AdminServer lets authorized clients to run snapshot and resto...

CVE-2025-14483

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.51, 6.2.1.0 through 6.2.1.11, and 6.2.2.0 could disclose sensitive host information to authenticated users in responses that could be used in further attacks against the system...

CVE-2025-36368

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.51, and 6.2.1.0 through 6.2.1.11 are vulnerable to SQL injection. An administrative user could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or...

EUVD-2026-12661

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.51, 6.2.1.0 through 6.2.1.11, and 6.2.2.0 allows a remote unauthenticated attacker to view and delete the partners of a community and to delete the communities...

CVE-2026-1264

CVE-2026-1264 affects IBM Sterling B2B Integrator and IBM Sterling File Gateway, versions 6.1.0.0–6.1.2.7_2, 6.2.0.0–6.2.0.5_1, 6.2.1.0–6.2.1.1_1, and 6.2.2.0. The issue is an improper access control that permits a remote, unauthenticated attacker to view and delete partners of a community and to...

CVE-2025-14031 IBM Sterling B2B Integrator and IBM Sterling File Gateway Denial of Service

IBM Sterling B2B Integrator and and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.51, 6.2.1.0 through 6.2.1.11, and 6.2.2.0 could allow an unauthenticated attacker to send a specially crafted request that causes the application to crash...

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable due to an access control vulnerability in AFT web app ( CVE-2026-1264 )

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed access control security vulnerability Vulnerability Details CVEID:CVE-2026-1264 DESCRIPTION: IBM Sterling B2B Integrator and IBM Sterling File Gateway allows a remote unauthenticated attacker to view and delete the...

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable due to spoofing vulnerabilty in MSSQL JDBC driver (CVE-2025-59250)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed MSSQL JDBC driver vulnerability Vulnerability Details CVEID:CVE-2025-59250 DESCRIPTION: Improper input validation in JDBC Driver for SQL Server allows an unauthorized attacker to perform spoofing over a network...

IBM Sterling B2B Integrator和IBM Sterling File Gateway 命令注入漏洞

IBM Sterling B2B Integrator and IBM Sterling File Gateway are both products of International Business Machines IBM. IBM Sterling B2B Integrator is a software suite that integrates important B2B processes, transactions, and relationships. This software supports secure integration of complex B2B...

IBM Sterling B2B Integrator和IBM Sterling File Gateway 访问控制错误漏洞

IBM Sterling B2B Integrator and IBM Sterling File Gateway are both products of International Business Machines IBM. IBM Sterling B2B Integrator is a software suite that integrates important B2B processes, transactions, and relationships. This software supports secure integration of complex B2B...

CVE-2026-0835

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.51, 6.2.1.0 through 6.2.1.11, and 6.2.2.0 are vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus alterin...

CVE-2023-40693

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, and 6.2.0.0 through 6.2.0.51, 6.2.1.0 through 6.2.1.11 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended...

CVE-2025-36368 IBM Sterling B2B Integrator and IBM Sterling File Gateway SQL Injection

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.51, and 6.2.1.0 through 6.2.1.11 are vulnerable to SQL injection. An administrative user could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or...

CVE-2025-36368

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.51, and 6.2.1.0 through 6.2.1.11 are vulnerable to SQL injection. An administrative user could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or...