NotCVE - vendor:"Ibm" product:"Sterling B2b Integrator" version:" >= 6.1.0.0

Page 6 of 58 results (0.011 seconds)

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-29760

https://notcve.org/view.php?id=CVE-2021-29760

06 Oct 2021 — IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated user to download unauthorized files through the dashboard user interface. IBM X-Force ID: 202213. IBM Sterling B2B Integrator Standard Edition versiones 5.2.0.0 hasta 6.1.1.0, podría permitir a un usuario autenticado descargar archivos no autorizados mediante la interfaz de usuario del cuadro de mandos. IBM X-Force ID: 202213 • https://exchange.xforce.ibmcloud.com/vulnerabilities/202213 •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-29758

https://notcve.org/view.php?id=CVE-2021-29758

06 Oct 2021 — IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated user to perform actions that they should not be able to access due to improper access controls. IBM X-Force ID: 202169. IBM Sterling B2B Integrator Standard Edition versiones 5.2.0.0 hasta 6.1.1.0, podría permitir a un usuario autenticado llevar a cabo acciones a las que no debería poder acceder debido a controles de acceso inapropiados. IBM X-Force ID: 202169 • https://exchange.xforce.ibmcloud.com/vulnerabilities/202169 •

CVSS: 5.4EPSS: 0%CPEs: 8EXPL: 3

CVE-2021-20562 – IBM Sterling B2B Integrator Cross Site Scripting

https://notcve.org/view.php?id=CVE-2021-20562

27 Jul 2021 — IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_3 and 6.1.0.0 through 6.1.0.2 vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199232. IBM Sterling B2B Integrator Standard Edition versiones 5.2.0.0 hasta la versión 5.2.6.5_3 y versiones 6.1.0.0 hasta la versión 6.1.0.2 son vulnerables a las se... • https://packetstorm.news/files/id/164782 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

CVE-2020-4646

https://notcve.org/view.php?id=CVE-2020-4646

19 May 2021 — IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5, 6.0.0.0 through 6.0.3.3, and 6.1.0.0 through 6.1.0.2 could allow an authenticated user to view pages they shoiuld not have access to due to improper authorization control. IBM Sterling B2B Integrator Standard Edition versiones 5.2.0.0 hasta 5.2.6.5, versiones 6.0.0.0 hasta 6.0.3.3 y versiones 6.1.0.0 hasta 6.1.0.2, podría permitir a un usuario autenticado visualizar páginas a las que no debería tener acceso debido a un control de autoriza... • https://exchange.xforce.ibmcloud.com/vulnerabilities/185808 •

CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0

CVE-2020-4762

https://notcve.org/view.php?id=CVE-2020-4762

05 Jan 2021 — IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow an authenticated user to create a privileged account due to improper access controls. IBM X-Force ID: 188896. IBM Sterling B2B Integrator Standard Edition versiones 5.2.0.0 hasta 5.2.6.5_2, versiones 6.0.0.0 hasta 6.0.3.2 y 6.1.0.0, podría permitir a un usuario autenticado crear una cuenta con privilegios debido a controles de acceso inapropiados. IBM X-Force ID: 188896 • https://exchange.xforce.ibmcloud.com/vulnerabilities/188896 •

CVSS: 5.3EPSS: 0%CPEs: 9EXPL: 0

CVE-2020-4761

https://notcve.org/view.php?id=CVE-2020-4761

05 Jan 2021 — IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 188895. IBM Sterling B2B Integrator Standard Edition versiones 5.2.0.0 hasta 5.2.6.5_2, versiones 6.0.0.0 hasta 6.0.3.2 y 6.1.0.0, podría permitir a un atacante remoto conseguir informaci... • https://exchange.xforce.ibmcloud.com/vulnerabilities/188895 • CWE-209: Generation of Error Message Containing Sensitive Information •

CVSS: 9.0EPSS: 0%CPEs: 9EXPL: 0

CVE-2019-4728

https://notcve.org/view.php?id=CVE-2019-4728

05 Jan 2021 — IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code with SYSTEM privileges. IBM X-Force ID: 172452. IBM Sterling B2B Integrator Standard Edition versiones 5.2.0.0 hasta 5.2.6.5_2, versiones 6.0.0.0 hasta 6.0.3.2 y 6.1.0.0, pod... • https://exchange.xforce.ibmcloud.com/vulnerabilities/172452 • CWE-502: Deserialization of Untrusted Data •

CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 0

CVE-2018-1800

https://notcve.org/view.php?id=CVE-2018-1800

20 Sep 2018 — IBM Sterling B2B Integrator Standard Edition 5.2.6.0 and 6.2.6.1 could allow a local user to obtain highly sensitive information during a short time period when installation is occurring. IBM X-Force ID: 149607. IBM Sterling B2B Integrator Standard Edition 5.2.6.0 y 6.2.6.1 podría permitir que un usuario local obtenga información altamente sensible durante un corto periodo de tiempo mientras se está instalando. IBM X-Force ID: 149607. • https://exchange.xforce.ibmcloud.com/vulnerabilities/149607 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

1...4 5 6