NotCVE - vendor:"Ibm" product:"Sterling B2b Integrator" version:"5.2.4.1"

Page 2 of 54 results (0.010 seconds)

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2021-29837

https://notcve.org/view.php?id=CVE-2021-29837

06 Oct 2021 — IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 204913. IBM Sterling B2B Integrator Standard Edition versiones 5.2.0.0 hasta 6.1.1.0, es vulnerable a un ataque de tipo cross-site request forgery, que podría permitir a un atacante ejecutar acciones maliciosas y no autorizadas transmitidas desde un usuario ... • https://exchange.xforce.ibmcloud.com/vulnerabilities/204913 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0

CVE-2021-29836

https://notcve.org/view.php?id=CVE-2021-29836

06 Oct 2021 — IBM Sterling B2B Integrator Standard Edition 5.2.0.0. through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204912. IBM Sterling B2B Integrator Standard Edition versiones 5.2.0.0. hasta 6.1.1.0, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar có... • https://exchange.xforce.ibmcloud.com/vulnerabilities/204912 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-29764

https://notcve.org/view.php?id=CVE-2021-29764

06 Oct 2021 — IBM Sterling B2B Integrator 5.2.0.0 through 6.1.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 202268. IBM Sterling B2B Integrator versiones 5.2.0.0 hasta la versión 6.1.1.0 es vulnerable al cross-site scripting almacenado. Esta vulnerabilidad permite a los usuarios incrustar código JavaScript arbi... • https://exchange.xforce.ibmcloud.com/vulnerabilities/202268 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-29761

https://notcve.org/view.php?id=CVE-2021-29761

06 Oct 2021 — IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated user to obtain sensitive information from the dashboard that they should not have access to. IBM X-Force ID: 202265. IBM Sterling B2B Integrator Standard Edition versiones 5.2.0.0 hasta 6.1.1.0, podría permitir a un usuario autenticado conseguir información confidencial del tablero de mandos a la que no debería tener acceso. IBM X-Force ID: 202265 • https://exchange.xforce.ibmcloud.com/vulnerabilities/202265 •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-29760

https://notcve.org/view.php?id=CVE-2021-29760

06 Oct 2021 — IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated user to download unauthorized files through the dashboard user interface. IBM X-Force ID: 202213. IBM Sterling B2B Integrator Standard Edition versiones 5.2.0.0 hasta 6.1.1.0, podría permitir a un usuario autenticado descargar archivos no autorizados mediante la interfaz de usuario del cuadro de mandos. IBM X-Force ID: 202213 • https://exchange.xforce.ibmcloud.com/vulnerabilities/202213 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-29758

https://notcve.org/view.php?id=CVE-2021-29758

06 Oct 2021 — IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated user to perform actions that they should not be able to access due to improper access controls. IBM X-Force ID: 202169. IBM Sterling B2B Integrator Standard Edition versiones 5.2.0.0 hasta 6.1.1.0, podría permitir a un usuario autenticado llevar a cabo acciones a las que no debería poder acceder debido a controles de acceso inapropiados. IBM X-Force ID: 202169 • https://exchange.xforce.ibmcloud.com/vulnerabilities/202169 •

CVSS: 5.4EPSS: 0%CPEs: 8EXPL: 3

CVE-2021-20562 – IBM Sterling B2B Integrator Cross Site Scripting

https://notcve.org/view.php?id=CVE-2021-20562

27 Jul 2021 — IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_3 and 6.1.0.0 through 6.1.0.2 vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199232. IBM Sterling B2B Integrator Standard Edition versiones 5.2.0.0 hasta la versión 5.2.6.5_3 y versiones 6.1.0.0 hasta la versión 6.1.0.2 son vulnerables a las se... • https://packetstorm.news/files/id/164782 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

CVE-2020-4646

https://notcve.org/view.php?id=CVE-2020-4646

19 May 2021 — IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5, 6.0.0.0 through 6.0.3.3, and 6.1.0.0 through 6.1.0.2 could allow an authenticated user to view pages they shoiuld not have access to due to improper authorization control. IBM Sterling B2B Integrator Standard Edition versiones 5.2.0.0 hasta 5.2.6.5, versiones 6.0.0.0 hasta 6.0.3.3 y versiones 6.1.0.0 hasta 6.1.0.2, podría permitir a un usuario autenticado visualizar páginas a las que no debería tener acceso debido a un control de autoriza... • https://exchange.xforce.ibmcloud.com/vulnerabilities/185808 •

CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0

CVE-2020-4762

https://notcve.org/view.php?id=CVE-2020-4762

05 Jan 2021 — IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow an authenticated user to create a privileged account due to improper access controls. IBM X-Force ID: 188896. IBM Sterling B2B Integrator Standard Edition versiones 5.2.0.0 hasta 5.2.6.5_2, versiones 6.0.0.0 hasta 6.0.3.2 y 6.1.0.0, podría permitir a un usuario autenticado crear una cuenta con privilegios debido a controles de acceso inapropiados. IBM X-Force ID: 188896 • https://exchange.xforce.ibmcloud.com/vulnerabilities/188896 •

CVSS: 5.3EPSS: 0%CPEs: 9EXPL: 0

CVE-2020-4761

https://notcve.org/view.php?id=CVE-2020-4761

05 Jan 2021 — IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 188895. IBM Sterling B2B Integrator Standard Edition versiones 5.2.0.0 hasta 5.2.6.5_2, versiones 6.0.0.0 hasta 6.0.3.2 y 6.1.0.0, podría permitir a un atacante remoto conseguir informaci... • https://exchange.xforce.ibmcloud.com/vulnerabilities/188895 • CWE-209: Generation of Error Message Containing Sensitive Information •

1 2 3 4 5