CVE-2021-39033

Published: Apr 19, 2022Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 213963.

Affected (2)

Products: Ibm: Sterling B2b Integrator

1 product

Sterling B2b Integrator

Configuration A

2 vulnerable · 3 platform

Vulnerable Software	Affected Versions
Ibm Sterling B2b Integrator	From 6.0.0.0 to 6.0.3.6
Ibm Sterling B2b Integrator	From 6.1.0.0 to 6.1.1.1

Running on/with	Platform Versions
Ibm Aix	All versions
Linux Linux Kernel	All versions
Microsoft Windows	All versions

Related CWEs

Generation of Error Message Containing Sensitive Information

The product generates an error message that includes sensitive information about its environment, users, or associated data.

References (4)

https://exchange.xforce.ibmcloud.com/vulnerabilities/213963

Source: psirt@us.ibm.com

VDB EntryVendor Advisory

https://www.ibm.com/support/pages/node/6573049

Source: psirt@us.ibm.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/213963

Source: af854a3a-2127-422b-91ae-364da2661108

VDB EntryVendor Advisory

https://www.ibm.com/support/pages/node/6573049

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.