Medium severity6.5NVD Advisory· Published Aug 2, 2017· Updated May 13, 2026

CVE-2015-0194

Description

XML External Entity (XXE) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and IBM Sterling File Gateway 2.1 and 2.2 allows remote attackers to read arbitrary files via a crafted XML data.

Affected products

IBM/Sterling B2b Integrator2 versions
cpe:2.3:a:ibm:sterling_b2b_integrator:5.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ibm:sterling_b2b_integrator:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:sterling_b2b_integrator:5.2:*:*:*:*:*:*:*
IBM/Sterling File Gateway2 versions
cpe:2.3:a:ibm:sterling_file_gateway:2.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ibm:sterling_file_gateway:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:sterling_file_gateway:2.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www-01.ibm.com/support/docview.wssnvdPatchVendor Advisory
www-01.ibm.com/support/docview.wssnvdVendor Advisory
www.securityfocus.com/bid/73401nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000