Vulnerabilities > IBM > Sterling B2B Integrator > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-02-26 CVE-2019-4726 Cross-Site Request Forgery (CSRF) vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
ibm CWE-352
4.3
4.3
2020-02-26 CVE-2019-4598 SQL Injection vulnerability in IBM Sterling B2B Integrator 5.2.0.0/5.2.6.36/5.2.6.5
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
6.5
6.5
2020-02-26 CVE-2019-4597 SQL Injection vulnerability in IBM Sterling B2B Integrator 5.2.0.0/5.2.6.36/5.2.6.5
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
6.5
6.5
2020-02-24 CVE-2019-4595 Open Redirect vulnerability in IBM Sterling B2B Integrator 5.2.0.0/5.2.6.36/5.2.6.5
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
ibm CWE-601
5.8
5.8
2019-11-26 CVE-2019-4387 SQL Injection vulnerability in IBM Sterling B2B Integrator 6.0.0.0/6.0.0.1/6.0.2.0
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.2.0 is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
6.5
6.5
2019-06-25 CVE-2019-4377 Information Exposure Through an Error Message vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 reveals sensitive information from a stack trace that could be used in further attacks against the system.
network
low complexity
ibm CWE-209
4.3
4.3
2019-05-01 CVE-2019-4258 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator 6.0.0.0/6.0.0.1
IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 Standard Edition is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2019-04-25 CVE-2019-4222 Improper Privilege Management vulnerability in IBM Sterling B2B Integrator 6.0.0.0/6.0.0.1
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 could allow an authenticated user to view process definition of a business process without permission.
network
low complexity
ibm CWE-269
4.3
4.3
2019-04-25 CVE-2019-4148 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator 6.0.0.0/6.0.0.1
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2019-04-25 CVE-2019-4077 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator 6.0.0.0/6.0.0.1
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4