6.2

CVE-2023-25682

IBM Sterling B2B Integrator information disclosure

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 stores potentially sensitive information in log files that could be read by a local user.  IBM X-Force ID:  247034.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmSterling B2b Integrator SwEditionstandard Version >= 6.0.0.0 < 6.0.3.9
IbmSterling B2b Integrator SwEditionstandard Version >= 6.1.0.0 < 6.1.2.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.133
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
psirt@us.ibm.com 6.2 2.5 3.6
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE-532 Insertion of Sensitive Information into Log File

The product writes sensitive information to a log file.

https://exchange.xforce.ibmcloud.com/vulnerabilities/247034
Vendor Advisory
VDB Entry
https://www.ibm.com/support/pages/node/7080172
Vendor Advisory