Vulnerabilities > IBM > Sterling B2B Integrator

DATE CVE VULNERABILITY TITLE RISK
2020-11-20 CVE-2020-4937 Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-327
7.5
7.5
2020-11-16 CVE-2020-4705 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
4.8
4.8
2020-11-16 CVE-2020-4700 Unspecified vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 could allow an authenticated user belonging to a specific user group to create a user or group with administrative privileges.
network
low complexity
ibm
8.8
8.8
2020-11-16 CVE-2020-4692 Unspecified vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 could allow an authenticated user to obtain sensitive information from the Dashboard UI.
network
low complexity
ibm
6.5
6.5
2020-11-16 CVE-2020-4671 Information Exposure Through Log Files vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 stores potentially sensitive information in log files that could be read by an authenticatedl user.
network
low complexity
ibm CWE-532
6.5
6.5
2020-11-16 CVE-2020-4655 SQL Injection vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
8.8
8.8
2020-11-16 CVE-2020-4566 Unspecified vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 5.2.6.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.2 stores potentially highly sensitive information in log files that could be read by an authenticated user.
network
low complexity
ibm
6.5
6.5
2020-11-16 CVE-2020-4475 Unspecified vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm
6.5
6.5
2020-10-20 CVE-2020-4564 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.1 and IBM Sterling File Gateway 2.2.0.0 through 6.0.3.1 are vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2020-10-20 CVE-2019-4680 SQL Injection vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.2.2 is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
8.8
8.8