Ibm

Sterling B2b Integrator

190 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2025-36066

  • EPSS 0.06%
  • Veröffentlicht 20.01.2026 15:14:03
  • Zuletzt bearbeitet 03.02.2026 21:57:24

IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus alteri...

6.5

CVE-2025-36065

  • EPSS 0.03%
  • Veröffentlicht 20.01.2026 15:12:47
  • Zuletzt bearbeitet 03.02.2026 21:57:55

IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 does not invalidate session after a browser closure which could allow an authenticated user to impersonate another user on the system.

6.3

CVE-2025-36063

  • EPSS 0.04%
  • Veröffentlicht 20.01.2026 15:10:57
  • Zuletzt bearbeitet 26.01.2026 15:05:23

IBM Sterling Connect:Express Adapter for Sterling B2B Integrator 5.2.0 5.2.0.00 through 5.2.0.12 does not invalidate session after a logout which could allow an authenticated user to impersonate another user on the system.

7.5

CVE-2025-36134

  • EPSS 0.04%
  • Veröffentlicht 25.11.2025 14:40:55
  • Zuletzt bearbeitet 01.12.2025 15:05:10

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie.

5.3

CVE-2025-36112

  • EPSS 0.04%
  • Veröffentlicht 24.11.2025 18:25:03
  • Zuletzt bearbeitet 01.12.2025 16:05:56

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could reveal sensitive server IP configuration information to an unauthorized user.

5.4

CVE-2025-36135

  • EPSS 0.04%
  • Veröffentlicht 07.11.2025 18:26:57
  • Zuletzt bearbeitet 11.12.2025 23:44:42

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.7_1, 6.2.0.0 through 6.2.0.5, and 6.2.1.0 and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7_1, 6.2.0.0 through 6.2.0.5, and 6.2.1.0 is vulnerable to cross-site scripting. This vulnerability allows...

5.5

CVE-2025-36002

  • EPSS 0.02%
  • Veröffentlicht 16.10.2025 14:54:53
  • Zuletzt bearbeitet 25.10.2025 02:15:39

IBM Sterling B2B Integrator 6.2.0.0 through 6.2.0.5, and 6.2.1.0 and IBM Sterling File Gateway 6.2.0.0 through 6.2.0.5, and 6.2.1.0 stores user credentials in configuration files which can be read by a local user.

4.9

CVE-2025-2667

  • EPSS 0.03%
  • Veröffentlicht 04.09.2025 14:45:23
  • Zuletzt bearbeitet 10.09.2025 17:19:28

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.7_1 and 6.2.0.0 through 6.2.0.4 and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7_1 and 6.2.0.0 through 6.2.0.4 could disclose sensitive system information about the server to a privileged user th...

4.8

CVE-2025-2694

  • EPSS 0.02%
  • Veröffentlicht 04.09.2025 14:43:26
  • Zuletzt bearbeitet 10.09.2025 17:15:33

IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.7_1 and 6.2.0.0 through 6.2.0.4 and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7_1 and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site scripting. This vulnerability allows a privileged user t...

6.5

CVE-2025-2988

  • EPSS 0.03%
  • Veröffentlicht 19.08.2025 19:15:58
  • Zuletzt bearbeitet 17.09.2025 17:56:23

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7, 6.2.0.0 through 6.2.0.4, and 6.2.1.0 could disclose sensitive server information to an unauthorized user that could aid in further attacks against the system.