Ibm

Sterling B2b Integrator

183 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2020-4937

  • EPSS 0.11%
  • Veröffentlicht 20.11.2020 14:15:12
  • Zuletzt bearbeitet 21.11.2024 05:33:27

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 191814.

8.8

CVE-2020-4700

  • EPSS 0.58%
  • Veröffentlicht 16.11.2020 17:15:14
  • Zuletzt bearbeitet 21.11.2024 05:33:08

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 could allow an authenticated user belonging to a specific user group to create a user or group with administrative privileges. IBM X-Force ID: 187077.

4.8

CVE-2020-4705

  • EPSS 0.16%
  • Veröffentlicht 16.11.2020 17:15:14
  • Zuletzt bearbeitet 21.11.2024 05:33:09

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functi...

6.5

CVE-2020-4475

  • EPSS 0.15%
  • Veröffentlicht 16.11.2020 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:32:46

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could ...

6.5

CVE-2020-4566

  • EPSS 0.24%
  • Veröffentlicht 16.11.2020 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:32:54

IBM Sterling B2B Integrator Standard Edition 5.2.6.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.2 stores potentially highly sensitive information in log files that could be read by an authenticated user. IBM X-Force ID: 184083.

8.8

CVE-2020-4655

  • EPSS 0.37%
  • Veröffentlicht 16.11.2020 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:33:03

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or del...

6.5

CVE-2020-4671

  • EPSS 0.24%
  • Veröffentlicht 16.11.2020 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:33:06

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 stores potentially sensitive information in log files that could be read by an authenticatedl user. IBM X-Force ID: 186284.

6.5

CVE-2020-4692

  • EPSS 0.21%
  • Veröffentlicht 16.11.2020 17:15:13
  • Zuletzt bearbeitet 21.11.2024 05:33:08

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 could allow an authenticated user to obtain sensitive information from the Dashboard UI. IBM X-Force ID: 186780.

5.4

CVE-2020-4564

  • EPSS 0.26%
  • Veröffentlicht 20.10.2020 15:15:13
  • Zuletzt bearbeitet 21.11.2024 05:32:54

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.1 and IBM Sterling File Gateway 2.2.0.0 through 6.0.3.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus a...

8.8

CVE-2019-4680

  • EPSS 0.47%
  • Veröffentlicht 20.10.2020 15:15:12
  • Zuletzt bearbeitet 21.11.2024 04:43:58

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.2.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-...