VYPR

Sterling B2b Integrator

by IBM

CVEs (193)

  • CVE-2018-1679MedJul 20, 2018
    risk 0.35cvss 5.3epss 0.02

    IBM Sterling B2B Integrator Standard Edition 5.2 through 5.2.6 could allow an unauthenticated user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 145180.

  • CVE-2014-0912MedApr 20, 2018
    risk 0.35cvss 5.3epss 0.02

    IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote attackers to obtain sensitive product information via vectors related to an error page. IBM X-Force ID: 92072.

  • CVE-2017-1482MedDec 7, 2017
    risk 0.35cvss 5.4epss 0.01

    IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted…

  • CVE-2017-1496MedJul 31, 2017
    risk 0.35cvss 5.4epss 0.01

    IBM Sterling B2B Integrator Standard Edition 5.2.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted…

  • CVE-2017-1348MedJun 23, 2017
    risk 0.35cvss 5.4epss 0.01

    IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted…

  • CVE-2017-1132MedJun 23, 2017
    risk 0.35cvss 5.4epss 0.01

    IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted…

  • CVE-2016-9983MedJun 22, 2017
    risk 0.35cvss 5.3epss 0.01

    IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user with special privileges to view files that they should not have access to. IBM X-Force ID: 120275.

  • CVE-2016-0210MedFeb 8, 2017
    risk 0.35cvss 5.3epss 0.02

    IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to obtain sensitive information. By allowing HTTP OPTIONS method, a remote attacker could send a specially-crafted query to a vulnerable server running to cause the server to disclose sensitive…

  • CVE-2016-5890MedNov 30, 2016
    risk 0.35cvss 5.3epss 0.01

    IBM Sterling B2B Integrator 5.2 before 5020500_14 and 5.2 06 before 5020602_1 allows remote authenticated users to change arbitrary passwords via unspecified vectors.

  • CVE-2018-1800MedSep 20, 2018
    risk 0.33cvss 5.1epss 0.00

    IBM Sterling B2B Integrator Standard Edition 5.2.6.0 and 6.2.6.1 could allow a local user to obtain highly sensitive information during a short time period when installation is occurring. IBM X-Force ID: 149607.

  • CVE-2017-1575MedJul 20, 2018
    risk 0.33cvss 5.1epss 0.00

    IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) uses weaker than expected cryptographic algorithms that could allow a local attacker to decrypt highly sensitive information. IBM X-Force ID: 132032.

  • CVE-2015-7438MedJan 2, 2016
    risk 0.31cvss 4.7epss 0.00

    IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive cleartext web-services information by leveraging database access.

  • CVE-2018-1564MedJul 20, 2018
    risk 0.29cvss 4.4epss 0.00

    IBM Sterling B2B Integrator Standard Edition 5.2 through 5.2.6 could allow a local user with administrator privileges to obtain user passwords found in debugging messages. IBM X-Force ID: 142968.

  • CVE-2017-1633MedJul 20, 2018
    risk 0.28cvss 4.3epss 0.02

    IBM Sterling B2B Integrator 5.2 through 5.2.6 could allow an authenticated attacker to obtain sensitive variable name information using specially crafted HTTP requests. IBM X-Force ID: 133180.

  • CVE-2017-1481MedDec 7, 2017
    risk 0.28cvss 4.3epss 0.01

    IBM Sterling B2B Integrator Standard Edition 5.2 allows a user to view sensitive information that belongs to another user. IBM X-Force ID: 128619.

  • CVE-2017-1326MedJun 22, 2017
    risk 0.28cvss 4.3epss 0.01

    IBM Sterling File Gateway does not properly restrict user requests based on permission level. This allows for users to update data related to other users, by manipulating the parameters passed in the POST request. IBM X-Force ID: 126060.

  • CVE-2017-1544LowJul 20, 2018
    risk 0.16cvss 2.4epss 0.00

    IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) caches usernames and passwords in browsers that could be used by a local attacker to obtain sensitive information. IBM X-Force ID: 130812.

  • CVE-2024-31903Jan 22, 2025
    risk 0.01cvss epss 0.01

    IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 allow an attacker on the local network to execute arbitrary code on the system, caused by the deserialization of untrusted data.

  • CVE-2019-4728Jan 5, 2021
    risk 0.01cvss epss 0.05

    IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By sending specially crafted request, an attacker…

  • CVE-2026-1264Mar 17, 2026
    risk 0.00cvss epss 0.00

    IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, 6.2.1.0 through 6.2.1.1_1, and 6.2.2.0 allows a remote unauthenticated attacker to view and delete the partners of a community and to delete the communities.

Page 2 of 10