CVE-2014-6146

Published: Nov 8, 2014Modified: May 6, 2026

1.9

Vector

AV:L/AC:M/Au:N/C:P/I:N/A:N

Exploitability: 3.4 / Impact: 2.9

Source: NVD

Description

IBM Sterling B2B Integrator 5.2.x through 5.2.4, when the Connect:Direct Server Adapter is configured, does not properly process the logging configuration, which allows local users to obtain sensitive information by reading log files.

Affected (3)

Products: Ibm: Sterling B2b Integrator

Ibm

1 product

Sterling B2b Integrator

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Ibm Sterling B2b Integrator	Version 5.2.1
Ibm Sterling B2b Integrator	Version 5.2.2
Ibm Sterling B2b Integrator	Version 5.2.4

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (8)

http://secunia.com/advisories/62190

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=swg1IT04337

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=swg21689082

Source: psirt@us.ibm.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/96916

Source: psirt@us.ibm.com

http://secunia.com/advisories/62190

Source: af854a3a-2127-422b-91ae-364da2661108

http://www-01.ibm.com/support/docview.wss?uid=swg1IT04337

Source: af854a3a-2127-422b-91ae-364da2661108

http://www-01.ibm.com/support/docview.wss?uid=swg21689082

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/96916

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.