Vulnerabilities > IBM > Sterling B2B Integrator > 5.2.6.5.2

DATE CVE VULNERABILITY TITLE RISK
2021-10-06 CVE-2021-29764 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator 5.2.0.0 through 6.1.1.0 is vulnerable to stored cross-site scripting.
network
ibm CWE-79
3.5
3.5
2021-10-06 CVE-2021-29836 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 5.2.0.0.
network
ibm CWE-79
3.5
3.5
2021-10-06 CVE-2021-29837 Cross-Site Request Forgery (CSRF) vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
ibm CWE-352
6.8
6.8
2021-10-06 CVE-2021-29855 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2021-10-06 CVE-2021-29903 SQL Injection vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 5.2.6.0 through 6.1.1.0 is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
7.5
7.5
2021-10-06 CVE-2021-38925 Inadequate Encryption Strength vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 5.2.0.
network
low complexity
ibm CWE-326
5.0
5.0
2021-07-27 CVE-2021-20562 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_3 and 6.1.0.0 through 6.1.0.2 vulnerable to cross-site scripting.
network
ibm CWE-79
3.5
3.5
2021-01-05 CVE-2020-4762 Unspecified vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow an authenticated user to create a privileged account due to improper access controls.
network
low complexity
ibm
6.5
6.5
2021-01-05 CVE-2020-4761 Information Exposure Through an Error Message vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
5.0
5.0
2021-01-05 CVE-2019-4728 Deserialization of Untrusted Data vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data.
network
low complexity
ibm CWE-502
critical
 9.0
9.0