CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2013-2982
https://notcve.org/view.php?id=CVE-2013-2982
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to upload arbitrary files via unspecified vectors. IBM Sterling B2B Integrator 5.1 y 5.2 y Sterling File Gateway 2.1 y 2.2, permite a usuarios autenticados remotamente subir archivos remotamente a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg21640830 https://exchange.xforce.ibmcloud.com/vulnerabilities/83997 •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2013-2984
https://notcve.org/view.php?id=CVE-2013-2984
Directory traversal vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote authenticated users to read or modify files via unspecified vectors. Vulnerabilidad de salto de directorio en IBM Sterling B2B Integrator 5.1 y 5.2 y Sterling File Gateway 2.1 y 2.2, permite a usuarios autenticados remotamente leer o modificar archivos a través de vectores no especificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1IC91046 http://www-01.ibm.com/support/docview.wss?uid=swg21640830 https://exchange.xforce.ibmcloud.com/vulnerabilities/84006 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2012-5766
https://notcve.org/view.php?id=CVE-2012-5766
Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to execute arbitrary SQL commands via vectors involving the RNVisibility page and unspecified screens, a different vulnerability than CVE-2013-0560. Múltiples vulnerabilidades de inyección SQL en IBM Sterling B2B Integrator v5.1 y v5.2 y Sterling File Gateway v2.1 y v2.2 que permite a usuarios autenticados de forma remota ejecutar código SQL a través de vectores no especificados implicando la página RNVisibility y ventanas sin especificar, una vulnerabilidad diferente que CVE-2013-0560 • http://www-01.ibm.com/support/docview.wss?uid=swg1IC84082 http://www-01.ibm.com/support/docview.wss?uid=swg21627982 http://www-01.ibm.com/support/docview.wss?uid=swg21640830 https://exchange.xforce.ibmcloud.com/vulnerabilities/80267 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 0CVE-2012-5936
https://notcve.org/view.php?id=CVE-2012-5936
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 do not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. IBM Sterling B2B Integrator v5.1 y v5.2 y Sterling File Gateway v2.1 y v2.2 no configura la bandera de seguridad para la sesión de cookie en una sesión https, lo que hace más fácil a atacantes remotos capturar esas cookies interceptando esas transmisiones dentro de una sesión http. • http://www-01.ibm.com/support/docview.wss?uid=swg21627985 http://www-01.ibm.com/support/docview.wss?uid=swg21640830 https://exchange.xforce.ibmcloud.com/vulnerabilities/80401 • CWE-310: Cryptographic Issues •
CVSS: 4.0EPSS: 0%CPEs: 4EXPL: 0CVE-2013-2985
https://notcve.org/view.php?id=CVE-2013-2985
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive information about application implementation via unspecified vectors, a different vulnerability than CVE-2013-0463, CVE-2013-2987, CVE-2013-3020, CVE-2013-0568, CVE-2013-0475, and CVE-2013-0567. IBM Sterling B2B Integrator 5.1 y 5.2 y Sterling File Gateway 2.1 y 2.2, permite a usuarios autenticados remotamente la obtención de información sensible sobre la implementación de la aplicación a través de vectores no especificados. Vulnerabilidad distinta de CVE-2013-0463, CVE-2013-2987, CVE-2013-3020, CVE-2013-0568, CVE-2013-0475, y CVE-2013-0567. • http://www-01.ibm.com/support/docview.wss?uid=swg21640830 https://exchange.xforce.ibmcloud.com/vulnerabilities/84008 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •