Sterling B2b Integrator@6.1.2.0 Security Vulnerabilities and Issues — Sterling B2b Integrator@6.1.2.0 CVE List

Lucene search

IbmSterling B2b Integrator6.1.2.0

8 matches found

CVE•added 2023/01/04 6:15 p.m.•80 views

CVE-2022-22338

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 219510.

9.8CVSS7.9AI score0.00076EPSS

CVE•added 2023/01/04 6:15 p.m.•79 views

CVE-2022-43920

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 could allow an authenticated user to gain privileges in a different group due to an access control vulnerability in the Sftp server adapter. IBM X-Force ID: 241362.

8.8CVSS7.3AI score0.00073EPSS

CVE•added 2023/01/04 6:15 p.m.•78 views

CVE-2021-38928

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains. IBM X-Force ID: 210323.

5.4CVSS5.1AI score0.00069EPSS

CVE•added 2023/01/05 7:15 a.m.•67 views

CVE-2022-34330

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sessio...

6.1CVSS5.8AI score0.0013EPSS

CVE•added 2023/01/04 6:15 p.m.•63 views

CVE-2022-22352

5.4CVSS5.2AI score0.00135EPSS

CVE•added 2023/01/04 6:15 p.m.•62 views

CVE-2022-22337

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 could disclose sensitive information to an authenticated user. IBM X-Force ID: 219507.

6.5CVSS4.9AI score0.00072EPSS

CVE•added 2023/01/05 7:15 a.m.•55 views

CVE-2022-22371

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 221195.

6.5CVSS5.8AI score0.00024EPSS

CVE•added 2023/02/17 6:15 p.m.•45 views

CVE-2022-40232

IBM Sterling B2B Integrator Standard Edition 6.1.0.0 through 6.1.1.1, and 6.1.2.0 could allow an authenticated user to perform actions they should not have access to due to improper permission controls. IBM X-Force ID: 235597.

8.8CVSS7.1AI score0.00048EPSS