VYPR

B2b Advanced Communications

by IBM

CVEs (7)

  • CVE-2023-24971HigJul 31, 2023
    risk 0.49cvss 7.5epss 0.01

    IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 could allow a user to cause a denial of service due to the deserializing of untrusted serialized Java objects. IBM X-Force ID: 246976.

  • CVE-2016-0341HigMay 15, 2016
    risk 0.49cvss 7.5epss 0.01

    IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 through 1.0.0.4 do not require HTTPS, which might allow remote attackers to obtain sensitive information by sniffing the network.

  • CVE-2023-22595MedJul 31, 2023
    risk 0.35cvss 5.4epss 0.00

    IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to…

  • CVE-2016-5892MedOct 5, 2016
    risk 0.35cvss 5.4epss 0.01

    Cross-site scripting (XSS) vulnerability in IBM 10x, as used in Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications before 1.0.0.5_2, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2015-7445MedJan 1, 2016
    risk 0.28cvss 4.3epss 0.01

    IBM Multi-Enterprise Integration Gateway 1.0 through 1.0.0.1 and B2B Advanced Communications 1.x before 1.0.0.4, when guest access is configured, allow remote authenticated users to obtain sensitive information by reading error messages in responses.

  • CVE-2015-5022Oct 6, 2015
    risk 0.00cvss epss 0.01

    IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 and 1.0.0.3 before 1.0.0.3_2, when access by guests is enabled, place an internal hostname and a payload path in a response, which allows remote authenticated users to obtain…

  • CVE-2015-4973Oct 6, 2015
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in IBM Multi-Enterprise Integration Gateway 1.x through 1.0.0.1 and B2B Advanced Communications 1.0.0.2 and 1.0.0.3 before 1.0.0.3_2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.