NotCVE - vendor:"IBM" product:"Sterling B2B Integrator" version:" >= 6.0.0.0 <= 6.1.2.5"

Page 4 of 89 results (0.010 seconds)

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0

CVE-2021-39035

https://notcve.org/view.php?id=CVE-2021-39035

16 Aug 2022 — IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 213965. IBM Sterling B2B Integrator Standard Edition versiones 6.0.0.0 hasta 6.0.3.5, 6.1.0.0 hasta 6.1.0.4, y 6.1.1.0 hasta 6.1.1.1, es vul... • https://exchange.xforce.ibmcloud.com/vulnerabilities/213965 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 5EXPL: 0

CVE-2021-38954

https://notcve.org/view.php?id=CVE-2021-38954

30 Jun 2022 — IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could disclose sensitive version information that could aid in future attacks against the system. IBM X-Force ID: 211414. IBM Sterling B2B Integrator Standard Edition versiones 6.0.0.0 hasta 6.0.3.5 y 6.1.0.0 hasta 6.1.1.0, podría divulgar información confidencial de la versión que podría ayudar en futuros ataques contra el sistema. IBM X-Force ID: 211414 • https://exchange.xforce.ibmcloud.com/vulnerabilities/211414 •

CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2022-22482

https://notcve.org/view.php?id=CVE-2022-22482

17 May 2022 — IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow an authenticated user to upload files that could fill up the filesystem and cause a denial of service. IBM X-Force ID: 225977. IBM Sterling B2B Integrator Standard Edition versiones 6.0.0.0 hasta 6.0.3.5 y 6.1.0.0 hasta 6.1.1.0 podría permitir a un usuario autenticado cargar archivos que podrían llenar el sistema de archivos y causar una denegación de servicio. IBM X-Force ID: 225977 • https://exchange.xforce.ibmcloud.com/vulnerabilities/225977 • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2021-39033

https://notcve.org/view.php?id=CVE-2021-39033

19 Apr 2022 — IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 213963. IBM Sterling B2B Integrator Standard Edition versiones 6.0.0.0 hasta 6.0.3.5 y versiones 6.1.0.0 hasta 6.1.1.0. podría permitir a un atacante remoto obtener información confidencial cuando es... • https://exchange.xforce.ibmcloud.com/vulnerabilities/213963 • CWE-209: Generation of Error Message Containing Sensitive Information •

CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0

CVE-2020-4668

https://notcve.org/view.php?id=CVE-2020-4668

08 Apr 2022 — IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.3, and 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 186283. IBM Sterling B2B Integrator Standard Edition versiones 6.0.0.0 hasta 6.0.3.5, 6.1.0.0 hasta 6.1.0.3 y 6.1.1.0 es vulnerable a un ataque de tipo cross-site request forgery, lo que podría permitir a un atacante eje... • https://exchange.xforce.ibmcloud.com/vulnerabilities/186283 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 4.3EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-29700

https://notcve.org/view.php?id=CVE-2021-29700

07 Oct 2021 — IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authneticated attacker to obtain sensitive information from configuration files that could aid in further attacks against the system. IBM X-Force ID: 200656. IBM Sterling B2B Integrator Standard Edition versiones 5.2.0.0 hasta 6.1.1.0, podría permitir a un atacante autenticado obtener información confidencial de los archivos de configuración que podría ayudar a otros ataques contra el sistema. IBM X-Force ID: 200656 • https://exchange.xforce.ibmcloud.com/vulnerabilities/200656 •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-20584

https://notcve.org/view.php?id=CVE-2021-20584

07 Oct 2021 — IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote attacker to upload arbitrary files, caused by improper access controls. IBM X-Force ID: 199397. IBM Sterling File Gateway versiones 2.2.0.0 hasta 6.1.1.0, podría permitir a un atacante remoto cargar archivos arbitrarios, causado por controles de acceso inapropiados. IBM X-Force ID: 199397 • https://exchange.xforce.ibmcloud.com/vulnerabilities/199397 •

CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-20571

https://notcve.org/view.php?id=CVE-2021-20571

07 Oct 2021 — IBM Sterling B2B Integrator 5.2.0.0 through 6.1.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199246. IBM Sterling B2B Integrator versiones 5.2.0.0 hasta 6.1.1.0, es vulnerable a un ataque de tipo cross-site scripting almacenado. Esta vulnerabilidad permite a usuarios insertar código JavaScript ar... • https://exchange.xforce.ibmcloud.com/vulnerabilities/199246 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0

CVE-2021-20561

https://notcve.org/view.php?id=CVE-2021-20561

07 Oct 2021 — IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199230. IBM Sterling File Gateway versiones 2.2.0.0 hasta 6.1.1.0, es vulnerable a un ataque de tipo cross-site scripting. Esta vulnerabilidad permite a usuarios insertar código JavaScript arbitrario en la Interfa... • https://exchange.xforce.ibmcloud.com/vulnerabilities/199230 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

CVE-2021-20376

https://notcve.org/view.php?id=CVE-2021-20376

07 Oct 2021 — IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated attacker to enumerate usernames due to there being an observable discrepancy in returned messages. IBM X-Force ID: 195568. IBM Sterling File Gateway versiones 2.2.0.0 hasta 6.1.1.0, podría permitir a un atacante autenticado enumerar nombres de usuario debido a que se presenta una discrepancia observable en los mensajes devueltos. IBM X-Force ID: 195568 • https://exchange.xforce.ibmcloud.com/vulnerabilities/195568 • CWE-203: Observable Discrepancy •

1 2 3 4 5