Ibm

Sterling B2b Integrator

183 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2023-45186

  • EPSS 0.1%
  • Published 12.04.2024 03:15:06
  • Last modified 07.03.2025 12:36:39

IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended f...

5.4

CVE-2023-50307

  • EPSS 0.14%
  • Published 12.04.2024 03:15:06
  • Last modified 07.03.2025 12:36:39

IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality...

5.4

CVE-2024-22357

  • EPSS 0.18%
  • Published 12.04.2024 03:15:06
  • Last modified 07.03.2025 12:36:39

IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality...

6.5

CVE-2023-32341

  • EPSS 0.04%
  • Published 09.02.2024 01:15:08
  • Last modified 21.11.2024 08:03:08

IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 could allow an authenticated user to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: 255827.

4.3

CVE-2023-42016

  • EPSS 0.03%
  • Published 09.02.2024 01:15:08
  • Last modified 21.11.2024 08:22:06

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to...

5.5

CVE-2023-25682

  • EPSS 0.02%
  • Published 22.11.2023 19:15:08
  • Last modified 21.11.2024 07:49:55

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 247034.

8.8

CVE-2022-35638

  • EPSS 0.04%
  • Published 22.11.2023 04:15:07
  • Last modified 21.11.2024 07:11:24

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the ...

6.5

CVE-2023-22876

  • EPSS 0.07%
  • Published 15.03.2023 19:15:24
  • Last modified 21.11.2024 07:45:33

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.1 could allow a privileged user to obtain sensitive information that could aid in further attacks against the system. IBM X-Force ID: 244364.

5.4

CVE-2022-43578

  • EPSS 0.09%
  • Published 22.02.2023 18:15:10
  • Last modified 21.11.2024 07:26:49

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functi...

8.8

CVE-2022-40231

  • EPSS 0.06%
  • Published 17.02.2023 19:15:11
  • Last modified 21.11.2024 07:21:07

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 could allow an authenticated user to perform unauthorized actions due to improper access controls. IBM X-Force ID: 235533.