Sterling B2b Integrator Security Vulnerabilities and Issues — Sterling B2b Integrator CVE List

Lucene search

IbmSterling B2b Integrator

21 matches found

CVE•added 2025/01/22 4:15 p.m.•109 views

CVE-2024-31903

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 allow an attacker on the local network to execute arbitrary code on the system, caused by the deserialization of untrusted data.

8.8CVSS8.8AI score0.12905EPSS

CVE•added 2025/01/23 3:15 a.m.•91 views

CVE-2023-50309

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted sess...

6.4CVSS5.9AI score0.00023EPSS

CVE•added 2025/01/23 3:15 a.m.•89 views

CVE-2023-32340

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

5.4CVSS5AI score0.00023EPSS

CVE•added 2025/01/28 1:15 a.m.•73 views

CVE-2023-50316

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.

9.8CVSS7.5AI score0.00059EPSS

CVE•added 2025/01/06 4:15 p.m.•65 views

CVE-2024-31913

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...

5.5CVSS5.3AI score0.00034EPSS

CVE•added 2025/01/31 4:15 p.m.•57 views

CVE-2024-45089

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition EBICS server could allow an authenticated user to obtain sensitive filename information due to an observable discrepancy.

4.3CVSS4.3AI score0.00037EPSS

CVE•added 2025/01/06 4:15 p.m.•53 views

CVE-2024-31914

6.4CVSS6AI score0.00058EPSS

CVE•added 2025/01/31 4:15 p.m.•52 views

CVE-2024-40696

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to creden...

5.4CVSS5.1AI score0.00022EPSS

CVE•added 2025/01/31 4:15 p.m.•52 views

CVE-2024-49807

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading ...

6.4CVSS5.9AI score0.00023EPSS

CVE•added 2025/01/28 1:15 a.m.•51 views

CVE-2024-27263

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to obtain sensitive information from the dashboard UI using man in the middle techniques.

5.3CVSS6.1AI score0.00024EPSS

CVE•added 2025/01/31 4:15 p.m.•49 views

CVE-2023-38739

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

8.8CVSS4.7AI score0.00017EPSS

CVE•added 2025/01/31 4:15 p.m.•49 views

CVE-2024-47116

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cr...

5.4CVSS5.3AI score0.00023EPSS

CVE•added 2025/01/31 4:15 p.m.•47 views

CVE-2024-47103

5.4CVSS5.1AI score0.00021EPSS

CVE•added 2025/03/11 5:16 p.m.•37 views

CVE-2024-56338

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to creden...

4.8CVSS4.9AI score0.00048EPSS

CVE•added 2025/06/18 4:15 p.m.•7 views

CVE-2024-54183

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially ...

5.4CVSS5.3AI score0.00031EPSS

CVE•added 2025/07/08 3:15 p.m.•7 views

CVE-2025-3630

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI t...

6.4CVSS6.1AI score0.00029EPSS

CVE•added 2025/06/18 5:15 p.m.•6 views

CVE-2025-1349

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potential...

5.5CVSS5.2AI score0.00029EPSS

CVE•added 2025/07/08 3:15 p.m.•6 views

CVE-2025-2793

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus a...

5.4CVSS6.3AI score0.00026EPSS

CVE•added 2025/06/18 5:15 p.m.•5 views

CVE-2024-54172

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

4.3CVSS4.7AI score0.00016EPSS

CVE•added 2025/06/18 5:15 p.m.•4 views

CVE-2025-1348

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 could allow a local user to obtain sensitive information from a user’s web browser cache due to not using a suitable caching policy.

4CVSS3.8AI score0.00015EPSS

CVE•added 2025/07/18 7:15 p.m.•4 views

CVE-2025-33014

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.4 uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive information or perform unauthorized actions on the vict...

5.4CVSS6.1AI score0.00029EPSS