Sterling B2b Integrator Security Vulnerabilities and Issues — Page 4 of Sterling B2b Integrator CVE List

Lucene search

IbmSterling B2b Integrator

179 matches found

CVE•added 2018/04/20 9:29 p.m.•33 views

CVE-2014-0927

The ActiveMQ admin user interface in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to bypass authentication by leveraging knowledge of the port number and webapp path. IBM X-Force ID: 92259.

8.1CVSS7.9AI score0.00363EPSS

CVE•added 2020/02/26 4:15 p.m.•33 views

CVE-2019-4597

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 167880.

6.5CVSS6.5AI score0.00298EPSS

CVE•added 2020/11/16 5:15 p.m.•33 views

CVE-2020-4692

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 could allow an authenticated user to obtain sensitive information from the Dashboard UI. IBM X-Force ID: 186780.

6.5CVSS6AI score0.00211EPSS

CVE•added 2021/10/06 5:15 p.m.•33 views

CVE-2021-29798

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.1.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 203734.

9.8CVSS9.2AI score0.00358EPSS

CVE•added 2013/07/03 1:54 p.m.•32 views

CVE-2013-0456

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to hijack sessions via a modified cookie path.

4CVSS6.2AI score0.00154EPSS

CVE•added 2013/07/03 1:54 p.m.•32 views

CVE-2013-2984

Directory traversal vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote authenticated users to read or modify files via unspecified vectors.

6.5CVSS6.1AI score0.00469EPSS

CVE•added 2020/11/16 5:15 p.m.•32 views

CVE-2020-4705

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclo...

4.8CVSS4.8AI score0.00162EPSS

CVE•added 2021/10/06 5:15 p.m.•32 views

CVE-2021-29761

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated user to obtain sensitive information from the dashboard that they should not have access to. IBM X-Force ID: 202265.

4.3CVSS4.1AI score0.00119EPSS

CVE•added 2021/10/06 5:15 p.m.•32 views

CVE-2021-29855

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessio...

5.4CVSS5.2AI score0.00215EPSS

CVE•added 2020/02/26 4:15 p.m.•31 views

CVE-2019-4598

6.5CVSS6.5AI score0.00298EPSS

CVE•added 2020/11/16 5:15 p.m.•31 views

CVE-2020-4475

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.

6.5CVSS6.1AI score0.00152EPSS

CVE•added 2020/12/16 9:15 p.m.•31 views

CVE-2020-4657

IBM Sterling B2B Integrator 5.2.0.0 through 6.0.3.2 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessio...

6.1CVSS5.8AI score0.00247EPSS

CVE•added 2020/11/16 5:15 p.m.•31 views

CVE-2020-4700

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 could allow an authenticated user belonging to a specific user group to create a user or group with administrative privileges. IBM X-Force ID: 187077.

8.8CVSS8.2AI score0.00584EPSS

CVE•added 2019/04/25 3:29 p.m.•30 views

CVE-2018-1720

IBM Sterling B2B Integrator Standard Edition 5.2.0.1, 5.2.6.3_6, 6.0.0.0, and 6.0.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 147294.

7.5CVSS7.2AI score0.00096EPSS

CVE•added 2020/11/16 5:15 p.m.•30 views

CVE-2020-4566

IBM Sterling B2B Integrator Standard Edition 5.2.6.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.2 stores potentially highly sensitive information in log files that could be read by an authenticated user. IBM X-Force ID: 184083.

6.5CVSS5.9AI score0.00243EPSS

CVE•added 2021/10/07 6:15 p.m.•30 views

CVE-2021-20561

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...

6.1CVSS5.8AI score0.00214EPSS

CVE•added 2018/09/20 3:29 p.m.•29 views

CVE-2018-1800

IBM Sterling B2B Integrator Standard Edition 5.2.6.0 and 6.2.6.1 could allow a local user to obtain highly sensitive information during a short time period when installation is occurring. IBM X-Force ID: 149607.

5.1CVSS4.3AI score0.00046EPSS

CVE•added 2021/10/06 5:15 p.m.•29 views

CVE-2021-29758

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated user to perform actions that they should not be able to access due to improper access controls. IBM X-Force ID: 202169.

4.3CVSS4.3AI score0.00133EPSS

CVE•added 2020/02/26 4:15 p.m.•28 views

CVE-2019-4726

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 172363.

4.3CVSS4.7AI score0.00129EPSS

CVE•added 2021/10/06 5:15 p.m.•27 views

CVE-2021-29760

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated user to download unauthorized files through the dashboard user interface. IBM X-Force ID: 202213.

5.4CVSS4.3AI score0.00119EPSS

CVE•added 2020/11/16 5:15 p.m.•24 views

CVE-2020-4655

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-F...

8.8CVSS8.7AI score0.00372EPSS

CVE•added 2021/10/07 6:15 p.m.•24 views

CVE-2021-20375

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated user to intercept and replace a message sent by another user due to improper access controls. IBM X-Force ID: 195567.

6.5CVSS6.2AI score0.00133EPSS

CVE•added 2025/06/18 4:15 p.m.•6 views

CVE-2024-54183

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially ...

5.4CVSS5.3AI score0.0003EPSS

CVE•added 2025/07/08 3:15 p.m.•6 views

CVE-2025-3630

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI t...

6.4CVSS6.1AI score0.00029EPSS

CVE•added 2025/06/18 5:15 p.m.•5 views

CVE-2025-1349

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potential...

5.5CVSS5.2AI score0.00034EPSS

CVE•added 2025/07/08 3:15 p.m.•5 views

CVE-2025-2793

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus a...

5.4CVSS6.3AI score0.00026EPSS

CVE•added 2025/06/18 5:15 p.m.•4 views

CVE-2024-54172

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

4.3CVSS4.7AI score0.00015EPSS

CVE•added 2025/06/18 5:15 p.m.•3 views

CVE-2025-1348

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 could allow a local user to obtain sensitive information from a user’s web browser cache due to not using a suitable caching policy.

4CVSS3.8AI score0.00015EPSS

CVE•added 6 days ago•3 views

CVE-2025-33014

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.4 uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive information or perform unauthorized actions on the vict...

5.4CVSS6.1AI score0.00028EPSS

Total number of security vulnerabilities179