7 matches found
CVE-2023-22595
CVE-2023-22595 affects IBM B2B Advanced Communications (1.0.0.x) and IBM Multi-Enterprise Integration Gateway (1.0.0.1). A cross-site scripting flaw allows embedding arbitrary JavaScript in the Web UI, potentially leading to credentials disclosure in a trusted session. Remediation: apply fix pack...
CVE-2023-24971
The CVE-2023-24971 issue affects IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1, caused by deserializing untrusted Java objects, leading to denial of service. Affected components are the Java deserialization path; impact is availability (DENIAL OF SER...
CVE-2016-5892
The CVE-2016-5892 XSS vulnerability affects IBM 10x used in Multi-Enterprise Integration Gateway (MEIG) 1.x up to 1.0.0.1 and IBM B2B Advanced Communications up to 1.0.0.5_1/1.0.0.5_2. The root cause is cross‑site scripting in the Web UI, potentially enabling credential disclosure within a truste...
CVE-2015-5022
Summary of details (CVE-2015-5022): IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 and 1.0.0.3 before 1.0.0.3_2 have an information-disclosure vulnerability when guest access is enabled. The affected component places an internal hostname and a...
CVE-2015-4973
Summary: CVE-2015-4973 is an XSS vulnerability affecting IBM’s Multi-Enterprise Integration Gateway (1.x up to 1.0.0.1) and B2B Advanced Communications (1.0.0.2/1.0.0.3) that allows remote attackers to insert arbitrary script/HTML via a crafted URL. Affected components: IBM Multi-Enterprise Integ...
CVE-2015-7445
CVE-2015-7445 affects IBM Multi-Enterprise Integration Gateway (versions 1.0–1.0.0.1) and B2B Advanced Communications (1.x prior to 1.0.0.4). When guest access is enabled, remote authenticated users can read error responses to disclose sensitive information. Public sources also document disclosur...
CVE-2016-0341
CVE-2016-0341 affects IBM Multi-Enterprise Integration Gateway 1.0–1.0.0.1 and B2B Advanced Communications 1.0.0.2–1.0.0.4. The root cause is missing HTTPS configuration, allowing remote attackers to obtain highly sensitive information via network sniffing. IBM security bulletins for IBM 10x, B2B...