Vulnerabilities > IBM > Sterling B2B Integrator > 6.0.3.0

DATE CVE VULNERABILITY TITLE RISK
2023-01-04 CVE-2022-22337 Unspecified vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 could disclose sensitive information to an authenticated user.
network
low complexity
ibm
6.5
6.5
2023-01-04 CVE-2022-22338 SQL Injection vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
critical
 9.8
9.8
2023-01-04 CVE-2022-22352 Unspecified vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to cross-site scripting.
network
low complexity
ibm
5.4
5.4
2023-01-04 CVE-2022-43920 Unspecified vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 could allow an authenticated user to gain privileges in a different group due to an access control vulnerability in the Sftp server adapter.
network
low complexity
ibm
8.8
8.8
2022-08-16 CVE-2021-39035 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2022-08-16 CVE-2021-39085 SQL Injection vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
critical
 9.8
9.8
2022-08-16 CVE-2021-39087 Incorrect Default Permissions vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 could allow an authenticated user to obtain sensitive information due to improper permission controls.
network
low complexity
ibm CWE-276
6.5
6.5
2022-06-30 CVE-2021-38954 Unspecified vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could disclose sensitive version information that could aid in future attacks against the system.
network
low complexity
ibm
4.3
4.3
2022-05-17 CVE-2022-22482 Unrestricted Upload of File with Dangerous Type vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow an authenticated user to upload files that could fill up the filesystem and cause a denial of service.
network
low complexity
ibm CWE-434
6.5
6.5
2022-04-19 CVE-2021-39033 Information Exposure Through an Error Message vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
6.5
6.5