Vulnerabilities > IBM > Sterling B2B Integrator > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-04-20 CVE-2014-0912 Information Exposure vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote attackers to obtain sensitive product information via vectors related to an error page.
network
low complexity
ibm CWE-200
5.3
5.3
2017-12-07 CVE-2017-1482 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator 5.2
IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-12-07 CVE-2017-1481 Information Exposure vulnerability in IBM Sterling B2B Integrator 5.2
IBM Sterling B2B Integrator Standard Edition 5.2 allows a user to view sensitive information that belongs to another user.
network
low complexity
ibm CWE-200
4.3
4.3
2017-08-02 CVE-2015-0194 XXE vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway
XML External Entity (XXE) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and IBM Sterling File Gateway 2.1 and 2.2 allows remote attackers to read arbitrary files via a crafted XML data.
network
low complexity
ibm CWE-611
6.5
6.5
2017-07-31 CVE-2017-1496 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator Standard Edition 5.2.x is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-06-23 CVE-2017-1349 Information Exposure vulnerability in IBM Sterling B2B Integrator 5.2
IBM Sterling B2B Integrator Standard Edition 5.2 stores potentially sensitive information from HTTP sessions that could be read by a local user.
local
low complexity
ibm CWE-200
5.5
5.5
2017-06-23 CVE-2017-1348 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator 5.2
IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2017-06-23 CVE-2017-1302 Information Exposure vulnerability in IBM Sterling B2B Integrator 5.2
IBM Sterling B2B Integrator Standard Edition 5.2 could allow a local user view sensitive information due to improper access controls.
local
low complexity
ibm CWE-200
5.5
5.5
2017-06-23 CVE-2017-1193 Information Exposure vulnerability in IBM Sterling B2B Integrator 5.2
IBM Sterling B2B Integrator Standard Edition 5.2 could allow user to obtain sensitive information using an HTTP GET request.
network
low complexity
ibm CWE-200
6.5
6.5
2017-06-23 CVE-2017-1132 Cross-site Scripting vulnerability in IBM Sterling B2B Integrator 5.2
IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4