Vulnerabilities > IBM > Sterling B2B Integrator

DATE CVE VULNERABILITY TITLE RISK
2016-01-02 CVE-2015-7438 Information Exposure vulnerability in IBM Sterling B2B Integrator 5.2
IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive cleartext web-services information by leveraging database access.
local
high complexity
ibm CWE-200
4.7
2016-01-02 CVE-2015-7437 Information Exposure vulnerability in IBM Sterling B2B Integrator 5.2
Queue Watcher in IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive information via unspecified vectors.
local
low complexity
ibm CWE-200
5.5
2016-01-02 CVE-2015-7431 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator 5.2
Cross-site scripting (XSS) vulnerability in Queue Watcher in IBM Sterling B2B Integrator 5.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
network
low complexity
ibm CWE-79
6.1
2016-01-01 CVE-2015-7410 Code vulnerability in IBM Sterling B2B Integrator 5.2
The Health Check tool in IBM Sterling B2B Integrator 5.2 does not properly use cookies in conjunction with HTTPS sessions, which allows man-in-the-middle attackers to obtain sensitive information or modify data via unspecified vectors.
network
high complexity
ibm CWE-17
7.4