Lucene search
+L
IbmB2b Advanced Communications

7 matches found

cve
cve
added 2023/07/31 1:13 a.m.73 views

CVE-2023-22595

CVE-2023-22595 affects IBM B2B Advanced Communications (1.0.0.x) and IBM Multi-Enterprise Integration Gateway (1.0.0.1). A cross-site scripting flaw allows embedding arbitrary JavaScript in the Web UI, potentially leading to credentials disclosure in a trusted session. Remediation: apply fix pack...

5.4CVSS5.2AI score0.003EPSS
cve
cve
added 2023/07/31 1:16 a.m.62 views

CVE-2023-24971

The CVE-2023-24971 issue affects IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1, caused by deserializing untrusted Java objects, leading to denial of service. Affected components are the Java deserialization path; impact is availability (DENIAL OF SER...

7.5CVSS6.5AI score0.00704EPSS
cve
cve
added 2016/10/05 10:0 a.m.55 views

CVE-2016-5892

The CVE-2016-5892 XSS vulnerability affects IBM 10x used in Multi-Enterprise Integration Gateway (MEIG) 1.x up to 1.0.0.1 and IBM B2B Advanced Communications up to 1.0.0.5_1/1.0.0.5_2. The root cause is cross‑site scripting in the Web UI, potentially enabling credential disclosure within a truste...

5.4CVSS4.9AI score0.00615EPSS
cve
cve
added 2015/10/05 10:0 a.m.50 views

CVE-2015-5022

Summary of details (CVE-2015-5022): IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 and 1.0.0.3 before 1.0.0.3_2 have an information-disclosure vulnerability when guest access is enabled. The affected component places an internal hostname and a...

4.3CVSS5.7AI score0.01087EPSS
cve
cve
added 2015/10/05 10:0 a.m.48 views

CVE-2015-4973

Summary: CVE-2015-4973 is an XSS vulnerability affecting IBM’s Multi-Enterprise Integration Gateway (1.x up to 1.0.0.1) and B2B Advanced Communications (1.0.0.2/1.0.0.3) that allows remote attackers to insert arbitrary script/HTML via a crafted URL. Affected components: IBM Multi-Enterprise Integ...

4.3CVSS5.7AI score0.0095EPSS
cve
cve
added 2016/01/01 2:0 a.m.43 views

CVE-2015-7445

CVE-2015-7445 affects IBM Multi-Enterprise Integration Gateway (versions 1.0–1.0.0.1) and B2B Advanced Communications (1.x prior to 1.0.0.4). When guest access is enabled, remote authenticated users can read error responses to disclose sensitive information. Public sources also document disclosur...

4.3CVSS4.1AI score0.00965EPSS
cve
cve
added 2016/05/15 1:0 a.m.43 views

CVE-2016-0341

CVE-2016-0341 affects IBM Multi-Enterprise Integration Gateway 1.0–1.0.0.1 and B2B Advanced Communications 1.0.0.2–1.0.0.4. The root cause is missing HTTPS configuration, allowing remote attackers to obtain highly sensitive information via network sniffing. IBM security bulletins for IBM 10x, B2B...

7.5CVSS7.2AI score0.01363EPSS