Filtered by vendor Ibm
Subscriptions
Filtered by product Sterling B2b Integrator
Subscriptions
Total
152 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-29836 | 1 Ibm | 1 Sterling B2b Integrator | 2024-09-16 | 5.4 Medium |
| IBM Sterling B2B Integrator Standard Edition 5.2.0.0. through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204912. | ||||
| CVE-2020-4692 | 1 Ibm | 1 Sterling B2b Integrator | 2024-09-16 | 6.5 Medium |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 could allow an authenticated user to obtain sensitive information from the Dashboard UI. IBM X-Force ID: 186780. | ||||
| CVE-2021-39035 | 5 Hp, Ibm, Linux and 2 more | 6 Hp-ux, Aix, Sterling B2b Integrator and 3 more | 2024-09-16 | 5.4 Medium |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213965. | ||||
| CVE-2019-4029 | 1 Ibm | 1 Sterling B2b Integrator | 2024-09-16 | 5.4 Medium |
| IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-force ID: 155907. | ||||
| CVE-2020-4700 | 1 Ibm | 1 Sterling B2b Integrator | 2024-09-16 | 8.8 High |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 could allow an authenticated user belonging to a specific user group to create a user or group with administrative privileges. IBM X-Force ID: 187077. | ||||
| CVE-2018-1718 | 1 Ibm | 1 Sterling B2b Integrator | 2024-09-16 | N/A |
| IBM Sterling B2B Integrator Standard Edition 5.2.0.1 - 5.2.6.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 147166. | ||||
| CVE-2018-1800 | 1 Ibm | 1 Sterling B2b Integrator | 2024-09-16 | N/A |
| IBM Sterling B2B Integrator Standard Edition 5.2.6.0 and 6.2.6.1 could allow a local user to obtain highly sensitive information during a short time period when installation is occurring. IBM X-Force ID: 149607. | ||||
| CVE-2021-20375 | 1 Ibm | 1 Sterling B2b Integrator | 2024-09-16 | 6.5 Medium |
| IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated user to intercept and replace a message sent by another user due to improper access controls. IBM X-Force ID: 195567. | ||||
| CVE-2020-4705 | 1 Ibm | 1 Sterling B2b Integrator | 2024-09-16 | 4.8 Medium |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 187190. | ||||
| CVE-2021-20562 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, I and 4 more | 2024-09-16 | 5.4 Medium |
| IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_3 and 6.1.0.0 through 6.1.0.2 vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199232. | ||||
| CVE-2018-1720 | 1 Ibm | 1 Sterling B2b Integrator | 2024-09-16 | N/A |
| IBM Sterling B2B Integrator Standard Edition 5.2.0.1, 5.2.6.3_6, 6.0.0.0, and 6.0.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 147294. | ||||
| CVE-2020-4564 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2024-09-16 | 5.4 Medium |
| IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.1 and IBM Sterling File Gateway 2.2.0.0 through 6.0.3.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 183933. | ||||
| CVE-2019-4222 | 1 Ibm | 1 Sterling B2b Integrator | 2024-09-16 | 4.3 Medium |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 could allow an authenticated user to view process definition of a business process without permission. IBM X-Force ID: 159231. | ||||
| CVE-2021-20372 | 1 Ibm | 1 Sterling B2b Integrator | 2024-09-16 | 4.3 Medium |
| IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote authenticated user to cause a denial of another user's service due to insufficient permission checking. IBM X-Force ID: 195518. | ||||
| CVE-2019-4043 | 1 Ibm | 1 Sterling B2b Integrator | 2024-09-16 | 7.1 High |
| IBM Sterling B2B Integrator Standard Edition 5.2.0 snf 6.0.0.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 156239. | ||||
| CVE-2021-29764 | 1 Ibm | 1 Sterling B2b Integrator | 2024-09-16 | 5.4 Medium |
| IBM Sterling B2B Integrator 5.2.0.0 through 6.1.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 202268. | ||||
| CVE-2018-1679 | 1 Ibm | 1 Sterling B2b Integrator | 2024-09-16 | N/A |
| IBM Sterling B2B Integrator Standard Edition 5.2 through 5.2.6 could allow an unauthenticated user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 145180. | ||||
| CVE-2019-4597 | 1 Ibm | 1 Sterling B2b Integrator | 2024-09-16 | 6.3 Medium |
| IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 167880. | ||||
| CVE-2023-42016 | 1 Ibm | 1 Sterling B2b Integrator | 2024-08-22 | 4.3 Medium |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 265559. | ||||
| CVE-2012-5937 | 1 Ibm | 4 Gentran Integration Suite, Sterling B2b Integrator, Sterling File Gateway and 1 more | 2024-08-06 | N/A |
| Unspecified vulnerability in the CLA2 server in IBM Gentran Integration Suite 4.3, Sterling Integrator 5.0 and 5.1, and Sterling B2B Integrator 5.2, as used in IBM Sterling File Gateway 1.1 through 2.2 and other products, allows remote attackers to execute arbitrary commands via unknown vectors. | ||||