Vulnerabilities > IBM > Sterling B2B Integrator > 6.1.1.1

DATE CVE VULNERABILITY TITLE RISK
2023-01-04 CVE-2022-22338 SQL Injection vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
critical
 9.8
9.8
2023-01-04 CVE-2022-22352 Unspecified vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to cross-site scripting.
network
low complexity
ibm
5.4
5.4
2023-01-04 CVE-2022-43920 Unspecified vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 could allow an authenticated user to gain privileges in a different group due to an access control vulnerability in the Sftp server adapter.
network
low complexity
ibm
8.8
8.8
2022-08-16 CVE-2021-39035 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2022-08-16 CVE-2021-39085 SQL Injection vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
critical
 9.8
9.8
2022-08-16 CVE-2021-39087 Incorrect Default Permissions vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 could allow an authenticated user to obtain sensitive information due to improper permission controls.
network
low complexity
ibm CWE-276
6.5
6.5