IBM Sterling B2B Integrator 6.0.0.1

CPE Details

IBM Sterling B2B Integrator 6.0.0.1
ibm
sterling_b2b_integrator
6.0.0.1
2019-11-19
12h05 +00:00
2019-11-19
12h05 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ibm:sterling_b2b_integrator:6.0.0.1:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

sterling_b2b_integrator

Version

6.0.0.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-35638 2023-11-22 04h00 +00:00 IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 230824.
8.8
High
CVE-2021-39033 2022-04-19 16h15 +00:00 IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 213963.
6.5
Medium
CVE-2021-29700 2021-10-07 18h06 +00:00 IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authneticated attacker to obtain sensitive information from configuration files that could aid in further attacks against the system. IBM X-Force ID: 200656.
4.3
Medium
CVE-2021-20584 2021-10-07 18h05 +00:00 IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote attacker to upload arbitrary files, caused by improper access controls. IBM X-Force ID: 199397.
7.5
High
CVE-2021-20571 2021-10-07 18h05 +00:00 IBM Sterling B2B Integrator 5.2.0.0 through 6.1.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199246.
5.4
Medium
CVE-2021-20561 2021-10-07 18h05 +00:00 IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199230.
6.1
Medium
CVE-2021-20376 2021-10-07 18h05 +00:00 IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated attacker to enumerate usernames due to there being an observable discrepancy in returned messages. IBM X-Force ID: 195568.
4.3
Medium
CVE-2021-20375 2021-10-07 18h05 +00:00 IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated user to intercept and replace a message sent by another user due to improper access controls. IBM X-Force ID: 195567.
6.5
Medium
CVE-2021-20372 2021-10-07 18h05 +00:00 IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote authenticated user to cause a denial of another user's service due to insufficient permission checking. IBM X-Force ID: 195518.
4.3
Medium
CVE-2020-4312 2020-05-13 12h35 +00:00 IBM Sterling B2B Integrator Standard Edition 5.2.0.0 trough 6.0.3.1 could allow an authenticated user to obtain sensitive information from a cached web page. IBM X-Force ID: 177089.
4.3
Medium
CVE-2019-4377 2019-06-25 15h45 +00:00 IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 reveals sensitive information from a stack trace that could be used in further attacks against the system. IBM X-Force ID: 162803.
4.3
Medium