Vulnerabilities > IBM > Sterling B2B Integrator

DATE CVE VULNERABILITY TITLE RISK
2024-02-09 CVE-2023-42016 Cleartext Transmission of Sensitive Information vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 does not set the secure attribute on authorization tokens or session cookies.
network
low complexity
ibm CWE-319
4.3
2023-11-22 CVE-2023-25682 Unspecified vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 stores potentially sensitive information in log files that could be read by a local user.
local
low complexity
ibm
5.5
2023-11-22 CVE-2022-35638 Unspecified vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm
8.8
2023-03-15 CVE-2023-22876 Unspecified vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.1 could allow a privileged user to obtain sensitive information that could aid in further attacks against the system.
network
low complexity
ibm
6.5
2023-02-22 CVE-2022-43578 Unspecified vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting.
network
low complexity
ibm
5.4
2023-02-17 CVE-2022-40231 Unspecified vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 could allow an authenticated user to perform unauthorized actions due to improper access controls.
network
low complexity
ibm
8.8
2023-02-17 CVE-2022-43579 Unspecified vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting.
network
low complexity
ibm
5.4
2023-02-17 CVE-2022-40232 Incorrect Default Permissions vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.1.0.0 through 6.1.1.1, and 6.1.2.0 could allow an authenticated user to perform actions they should not have access to due to improper permission controls.
network
low complexity
ibm CWE-276
8.8
2023-01-05 CVE-2022-22371 Unspecified vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system.
network
low complexity
ibm
6.5
2023-01-05 CVE-2022-34330 Unspecified vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to cross-site scripting.
network
low complexity
ibm
6.1