Ibm

Sterling B2b Integrator

187 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2021-20553

  • EPSS 0.06%
  • Veröffentlicht 19.12.2024 00:15:04
  • Zuletzt bearbeitet 06.03.2025 19:02:47

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading ...

3.7

CVE-2023-42010

  • EPSS 0.12%
  • Veröffentlicht 17.07.2024 18:15:03
  • Zuletzt bearbeitet 21.11.2024 08:22:05

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 could disclose sensitive information in the HTTP response using man in the middle techniques. IBM X-Force ID: 265507.

5.4

CVE-2023-42011

  • EPSS 0.05%
  • Veröffentlicht 27.06.2024 18:15:13
  • Zuletzt bearbeitet 21.11.2024 08:22:06

IBM Sterling B2B Integrator Standard Edition 6.1 and 6.2 does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain, which can lead to user confusion about which interface the user is interactin...

5.4

CVE-2023-42014

  • EPSS 0.1%
  • Veröffentlicht 27.06.2024 18:15:13
  • Zuletzt bearbeitet 21.11.2024 08:22:06

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.2.0.2 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality pote...

5.4

CVE-2023-45186

  • EPSS 0.1%
  • Veröffentlicht 12.04.2024 03:15:06
  • Zuletzt bearbeitet 07.03.2025 12:36:39

IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended f...

5.4

CVE-2023-50307

  • EPSS 0.14%
  • Veröffentlicht 12.04.2024 03:15:06
  • Zuletzt bearbeitet 07.03.2025 12:36:39

IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality...

5.4

CVE-2024-22357

  • EPSS 0.18%
  • Veröffentlicht 12.04.2024 03:15:06
  • Zuletzt bearbeitet 07.03.2025 12:36:39

IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality...

6.5

CVE-2023-32341

  • EPSS 0.04%
  • Veröffentlicht 09.02.2024 01:15:08
  • Zuletzt bearbeitet 21.11.2024 08:03:08

IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 could allow an authenticated user to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: 255827.

4.3

CVE-2023-42016

  • EPSS 0.03%
  • Veröffentlicht 09.02.2024 01:15:08
  • Zuletzt bearbeitet 21.11.2024 08:22:06

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to...

5.5

CVE-2023-25682

  • EPSS 0.02%
  • Veröffentlicht 22.11.2023 19:15:08
  • Zuletzt bearbeitet 21.11.2024 07:49:55

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 247034.