Total
152 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-4312 | 1 Ibm | 1 Sterling B2b Integrator | 2024-02-28 | 4.0 MEDIUM | 4.3 MEDIUM |
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 trough 6.0.3.1 could allow an authenticated user to obtain sensitive information from a cached web page. IBM X-Force ID: 177089. | |||||
CVE-2019-4596 | 1 Ibm | 1 Sterling B2b Integrator | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 167879. | |||||
CVE-2019-4595 | 1 Ibm | 1 Sterling B2b Integrator | 2024-02-28 | 5.8 MEDIUM | 6.1 MEDIUM |
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 167878. | |||||
CVE-2019-4726 | 1 Ibm | 1 Sterling B2b Integrator | 2024-02-28 | 4.3 MEDIUM | 4.3 MEDIUM |
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 172363. | |||||
CVE-2019-4598 | 1 Ibm | 1 Sterling B2b Integrator | 2024-02-28 | 6.5 MEDIUM | 6.3 MEDIUM |
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 167881. | |||||
CVE-2019-4387 | 1 Ibm | 1 Sterling B2b Integrator | 2024-02-28 | 6.5 MEDIUM | 8.8 HIGH |
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.2.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 162715. | |||||
CVE-2019-4597 | 1 Ibm | 1 Sterling B2b Integrator | 2024-02-28 | 6.5 MEDIUM | 6.3 MEDIUM |
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 167880. | |||||
CVE-2019-4258 | 1 Ibm | 1 Sterling B2b Integrator | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 159946. | |||||
CVE-2019-4074 | 1 Ibm | 1 Sterling B2b Integrator | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 157108. | |||||
CVE-2019-4148 | 1 Ibm | 1 Sterling B2b Integrator | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 158414. | |||||
CVE-2019-4077 | 1 Ibm | 1 Sterling B2b Integrator | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 157111. | |||||
CVE-2019-4146 | 1 Ibm | 1 Sterling B2b Integrator | 2024-02-28 | 3.5 LOW | 3.1 LOW |
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 could allow an authenticated user to obtain sensitive document information under unusual circumstances. IBM X-Force ID: 158401. | |||||
CVE-2019-4076 | 1 Ibm | 1 Sterling B2b Integrator | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 157110. | |||||
CVE-2019-4073 | 1 Ibm | 1 Sterling B2b Integrator | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 157107. | |||||
CVE-2019-4075 | 1 Ibm | 1 Sterling B2b Integrator | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 157109. | |||||
CVE-2019-4377 | 5 Hp, Ibm, Linux and 2 more | 7 Hp-ux, Aix, I and 4 more | 2024-02-28 | 4.0 MEDIUM | 4.3 MEDIUM |
IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 reveals sensitive information from a stack trace that could be used in further attacks against the system. IBM X-Force ID: 162803. | |||||
CVE-2019-4222 | 1 Ibm | 1 Sterling B2b Integrator | 2024-02-28 | 4.0 MEDIUM | 4.3 MEDIUM |
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 could allow an authenticated user to view process definition of a business process without permission. IBM X-Force ID: 159231. | |||||
CVE-2019-4043 | 1 Ibm | 1 Sterling B2b Integrator | 2024-02-28 | 5.5 MEDIUM | 7.1 HIGH |
IBM Sterling B2B Integrator Standard Edition 5.2.0 snf 6.0.0.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 156239. | |||||
CVE-2018-1720 | 1 Ibm | 1 Sterling B2b Integrator | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
IBM Sterling B2B Integrator Standard Edition 5.2.0.1, 5.2.6.3_6, 6.0.0.0, and 6.0.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 147294. | |||||
CVE-2018-1800 | 1 Ibm | 1 Sterling B2b Integrator | 2024-02-28 | 1.9 LOW | 4.7 MEDIUM |
IBM Sterling B2B Integrator Standard Edition 5.2.6.0 and 6.2.6.1 could allow a local user to obtain highly sensitive information during a short time period when installation is occurring. IBM X-Force ID: 149607. |