Ibm

Sterling B2b Integrator

183 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2023-45186

  • EPSS 0.1%
  • Veröffentlicht 12.04.2024 03:15:06
  • Zuletzt bearbeitet 07.03.2025 12:36:39

IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended f...

5.4

CVE-2023-50307

  • EPSS 0.14%
  • Veröffentlicht 12.04.2024 03:15:06
  • Zuletzt bearbeitet 07.03.2025 12:36:39

IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality...

5.4

CVE-2024-22357

  • EPSS 0.18%
  • Veröffentlicht 12.04.2024 03:15:06
  • Zuletzt bearbeitet 07.03.2025 12:36:39

IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality...

6.5

CVE-2023-32341

  • EPSS 0.04%
  • Veröffentlicht 09.02.2024 01:15:08
  • Zuletzt bearbeitet 21.11.2024 08:03:08

IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 could allow an authenticated user to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: 255827.

4.3

CVE-2023-42016

  • EPSS 0.03%
  • Veröffentlicht 09.02.2024 01:15:08
  • Zuletzt bearbeitet 21.11.2024 08:22:06

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to...

5.5

CVE-2023-25682

  • EPSS 0.02%
  • Veröffentlicht 22.11.2023 19:15:08
  • Zuletzt bearbeitet 21.11.2024 07:49:55

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 247034.

8.8

CVE-2022-35638

  • EPSS 0.04%
  • Veröffentlicht 22.11.2023 04:15:07
  • Zuletzt bearbeitet 21.11.2024 07:11:24

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the ...

6.5

CVE-2023-22876

  • EPSS 0.07%
  • Veröffentlicht 15.03.2023 19:15:24
  • Zuletzt bearbeitet 21.11.2024 07:45:33

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.1 could allow a privileged user to obtain sensitive information that could aid in further attacks against the system. IBM X-Force ID: 244364.

5.4

CVE-2022-43578

  • EPSS 0.09%
  • Veröffentlicht 22.02.2023 18:15:10
  • Zuletzt bearbeitet 21.11.2024 07:26:49

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functi...

8.8

CVE-2022-40231

  • EPSS 0.06%
  • Veröffentlicht 17.02.2023 19:15:11
  • Zuletzt bearbeitet 21.11.2024 07:21:07

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 could allow an authenticated user to perform unauthorized actions due to improper access controls. IBM X-Force ID: 235533.