Ibm

Sterling B2b Integrator

187 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2015-0194

  • EPSS 0.19%
  • Veröffentlicht 02.08.2017 19:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

XML External Entity (XXE) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and IBM Sterling File Gateway 2.1 and 2.2 allows remote attackers to read arbitrary files via a crafted XML data.

5.4

CVE-2017-1496

  • EPSS 0.2%
  • Veröffentlicht 31.07.2017 21:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM Sterling B2B Integrator Standard Edition 5.2.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials dis...

5.5

CVE-2016-5893

  • EPSS 0.07%
  • Veröffentlicht 23.06.2017 16:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM Sterling B2B Integrator Standard Edition 5.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 115336.

6.5

CVE-2017-1131

  • EPSS 0.19%
  • Veröffentlicht 23.06.2017 16:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user to obtain sensitive information by using unsupported, specially crafted HTTP commands. IBM X-Force ID: 121375.

5.4

CVE-2017-1132

  • EPSS 0.27%
  • Veröffentlicht 23.06.2017 16:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials discl...

6.5

CVE-2017-1193

  • EPSS 0.29%
  • Veröffentlicht 23.06.2017 16:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM Sterling B2B Integrator Standard Edition 5.2 could allow user to obtain sensitive information using an HTTP GET request. IBM X-Force ID: 123667.

5.5

CVE-2017-1302

  • EPSS 0.06%
  • Veröffentlicht 23.06.2017 16:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM Sterling B2B Integrator Standard Edition 5.2 could allow a local user view sensitive information due to improper access controls. IBM X-Force ID: 125456.

8.8

CVE-2017-1347

  • EPSS 0.62%
  • Veröffentlicht 23.06.2017 16:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-...

5.4

CVE-2017-1348

  • EPSS 0.27%
  • Veröffentlicht 23.06.2017 16:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials discl...

5.5

CVE-2017-1349

  • EPSS 0.06%
  • Veröffentlicht 23.06.2017 16:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM Sterling B2B Integrator Standard Edition 5.2 stores potentially sensitive information from HTTP sessions that could be read by a local user. IBM X-Force ID: 126525.