Sterling B2b Integrator

sterling_b2b_integrator

Vendor: Ibm • 195 CVEs

CVEs (195)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-1349 1Ibm 1Sterling B2b Integrator May 13, 2026 Jun 23, 2017 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 IBM Sterling B2B Integrator Standard Edition 5.2 stores potentially sensitive information from HTTP sessions that could be read by a local user. IBM X-Force ID: 126525.
CVE-2017-1348 1Ibm 1Sterling B2b Integrator May 13, 2026 Jun 23, 2017 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentiall...Show more IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126524.Show less
CVE-2017-1347 1Ibm 1Sterling B2b Integrator May 13, 2026 Jun 23, 2017 N/A· v4 8.8 HIGH· v3 6.5 MEDIUM· v2 IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in...Show more IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 126462.Show less
CVE-2017-1302 1Ibm 1Sterling B2b Integrator May 13, 2026 Jun 23, 2017 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 IBM Sterling B2B Integrator Standard Edition 5.2 could allow a local user view sensitive information due to improper access controls. IBM X-Force ID: 125456.
CVE-2017-1193 1Ibm 1Sterling B2b Integrator May 13, 2026 Jun 23, 2017 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 IBM Sterling B2B Integrator Standard Edition 5.2 could allow user to obtain sensitive information using an HTTP GET request. IBM X-Force ID: 123667.
CVE-2017-1132 1Ibm 1Sterling B2b Integrator May 13, 2026 Jun 23, 2017 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentiall...Show more IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 121418.Show less
CVE-2017-1131 1Ibm 1Sterling B2b Integrator May 13, 2026 Jun 23, 2017 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user to obtain sensitive information by using unsupported, specially crafted HTTP commands. IBM X-Force ID: 121375.
CVE-2016-5893 1Ibm 1Sterling B2b Integrator May 13, 2026 Jun 23, 2017 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 IBM Sterling B2B Integrator Standard Edition 5.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 115336.
CVE-2017-1326 1Ibm 1Sterling B2b Integrator May 13, 2026 Jun 22, 2017 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 IBM Sterling File Gateway does not properly restrict user requests based on permission level. This allows for users to update data related to other users, by manipulating the parameters passed in the POST request. IBM X-...Show more IBM Sterling File Gateway does not properly restrict user requests based on permission level. This allows for users to update data related to other users, by manipulating the parameters passed in the POST request. IBM X-Force ID: 126060.Show less
CVE-2016-9983 1Ibm 1Sterling B2b Integrator May 13, 2026 Jun 22, 2017 N/A· v4 5.3 MEDIUM· v3 3.5 LOW· v2 IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user with special privileges to view files that they should not have access to. IBM X-Force ID: 120275.
CVE-2016-9982 1Ibm 1Sterling B2b Integrator May 13, 2026 Jun 22, 2017 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user to obtain sensitive information such as account lists due to improper access control. IBM X-Force ID: 120274.
CVE-2016-0210 1Ibm 1Sterling B2b Integrator May 13, 2026 Feb 8, 2017 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to obtain sensitive information. By allowing HTTP OPTIONS method, a remote attacker could send a specially-crafted query to a vulnerable server r...Show more IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to obtain sensitive information. By allowing HTTP OPTIONS method, a remote attacker could send a specially-crafted query to a vulnerable server running to cause the server to disclose sensitive information in the HTTP response.Show less
CVE-2016-6020 1Ibm 1Sterling B2b Integrator May 13, 2026 Feb 1, 2017 N/A· v4 6.1 MEDIUM· v3 5.8 MEDIUM· v2 IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could...Show more IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.Show less
CVE-2016-5890 1Ibm 1Sterling B2b Integrator May 6, 2026 Nov 30, 2016 N/A· v4 5.3 MEDIUM· v3 3.5 LOW· v2 IBM Sterling B2B Integrator 5.2 before 5020500_14 and 5.2 06 before 5020602_1 allows remote authenticated users to change arbitrary passwords via unspecified vectors.
CVE-2016-3057 1Ibm 1Sterling B2b Integrator May 6, 2026 Nov 30, 2016 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in IBM Sterling B2B Integrator 5.2 before 5020500_14 and 5.2 06 before 5020602_1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2015-7450 1Ibm 7Sterling B2b Integrator Sterling IntegratorTivoli Common Reporting+4 more Apr 21, 2026 Jan 2, 2016 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands via a crafted serialized Java o...Show more Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the InvokerTransformer class in the Apache Commons Collections library.Show less
CVE-2015-7438 1Ibm 1Sterling B2b Integrator May 6, 2026 Jan 2, 2016 N/A· v4 4.7 MEDIUM· v3 1.9 LOW· v2 IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive cleartext web-services information by leveraging database access.
CVE-2015-7437 1Ibm 1Sterling B2b Integrator May 6, 2026 Jan 2, 2016 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 Queue Watcher in IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive information via unspecified vectors.
CVE-2015-7431 1Ibm 1Sterling B2b Integrator May 6, 2026 Jan 2, 2016 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in Queue Watcher in IBM Sterling B2B Integrator 5.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVE-2015-7410 1Ibm 1Sterling B2b Integrator May 6, 2026 Jan 1, 2016 N/A· v4 7.4 HIGH· v3 5.8 MEDIUM· v2 The Health Check tool in IBM Sterling B2B Integrator 5.2 does not properly use cookies in conjunction with HTTPS sessions, which allows man-in-the-middle attackers to obtain sensitive information or modify data via unspe...Show more The Health Check tool in IBM Sterling B2B Integrator 5.2 does not properly use cookies in conjunction with HTTPS sessions, which allows man-in-the-middle attackers to obtain sensitive information or modify data via unspecified vectors.Show less

Previous 1...6 789 10 Next