CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-5893
https://notcve.org/view.php?id=CVE-2016-5893
23 Jun 2017 — IBM Sterling B2B Integrator Standard Edition 5.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 115336. IBM Sterling B2B Integrator Standard Edition 5.2 permite que las páginas web se almacenen localmente y que puedan ser leídas por otro usuario del sistema. IBM X-Force ID: 115336. • http://www.ibm.com/support/docview.wss?uid=swg22004272 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-1302
https://notcve.org/view.php?id=CVE-2017-1302
23 Jun 2017 — IBM Sterling B2B Integrator Standard Edition 5.2 could allow a local user view sensitive information due to improper access controls. IBM X-Force ID: 125456. IBM Sterling B2B Integrator Standard Edition 5.2 podría permitir a un usuario local ver información sensible debido a un inapropiado control de acceso. IBM X-Force ID: 125456. • http://www.ibm.com/support/docview.wss?uid=swg22004202 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-1347
https://notcve.org/view.php?id=CVE-2017-1347
23 Jun 2017 — IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 126462. Sterling B2B Integrator Standard Edition versión 5.2 de IBM, es vulnerable a la inyección SQL. Un atacante remoto podría enviar instrucciones SQL especialmente diseñadas, lo que podría permitir al atacante ver, agregar, modificar o eliminar inf... • http://www.ibm.com/support/docview.wss?uid=swg22004199 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2017-1348
https://notcve.org/view.php?id=CVE-2017-1348
23 Jun 2017 — IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 126524. Sterling B2B Integrator Standard Edition versión 5.2 de IBM , es vulnerable a un problema de tipo cross-site-scripting (XSS). Esta vulnerabilidad permite a los usuarios insertar código JavaScript arbitrario... • http://www.ibm.com/support/docview.wss?uid=swg22004199 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-1349
https://notcve.org/view.php?id=CVE-2017-1349
23 Jun 2017 — IBM Sterling B2B Integrator Standard Edition 5.2 stores potentially sensitive information from HTTP sessions that could be read by a local user. IBM X-Force ID: 126525. Sterling B2B Integrator Standard Edition versión 5.2 de IBM, almacena información potencialmente confidencial de sesiones HTTP que podrían ser leídas por un usuario local. ID de IBM X-Force: 126525. • http://www.ibm.com/support/docview.wss?uid=swg22004209 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-1131
https://notcve.org/view.php?id=CVE-2017-1131
23 Jun 2017 — IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user to obtain sensitive information by using unsupported, specially crafted HTTP commands. IBM X-Force ID: 121375. Sterling B2B Integrator Standard Edition versión 5.2 de IBM , podría permitir a un usuario identificado obtener información confidencial mediante el uso de comandos HTTP especialmente creados y no compatibles. ID de IBM X-Force: 121375. • http://www.ibm.com/support/docview.wss?uid=swg22004270 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2017-1132
https://notcve.org/view.php?id=CVE-2017-1132
23 Jun 2017 — IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 121418. Sterling B2B Integrator Standard Edition versión 5.2 de IBM, es vulnerable a un problema de tipo cross-site-scripting (XSS). Esta vulnerabilidad permite a los usuarios insertar código JavaScript arbitrario ... • http://www.ibm.com/support/docview.wss?uid=swg22004199 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2017-1326
https://notcve.org/view.php?id=CVE-2017-1326
22 Jun 2017 — IBM Sterling File Gateway does not properly restrict user requests based on permission level. This allows for users to update data related to other users, by manipulating the parameters passed in the POST request. IBM X-Force ID: 126060. IBM Sterling File Gateway no restringe correctamente las peticiones de usuario en base al nivel de permisos. Esto permite que los usuarios actualicen datos relacionados con otros usuarios manipulando los parámetros que se pasan en la petición POST. • http://www.ibm.com/support/docview.wss?uid=swg22004274 • CWE-269: Improper Privilege Management •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9982
https://notcve.org/view.php?id=CVE-2016-9982
22 Jun 2017 — IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user to obtain sensitive information such as account lists due to improper access control. IBM X-Force ID: 120274. Sterling B2B Integrator Standard Edition versión 5.2 de IBM, podría permitir a un usuario identificado obtener información confidencial, tales como listas de cuentas debido a un control de acceso inapropiado. ID de IBM X-Force: 120274. • http://www.ibm.com/support/docview.wss?uid=swg22004273 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-9983
https://notcve.org/view.php?id=CVE-2016-9983
22 Jun 2017 — IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user with special privileges to view files that they should not have access to. IBM X-Force ID: 120275. Sterling B2B Integrator Standard Edition versión 5.2 de IBM, podría permitir a un usuario autenticado con privilegios especiales visualizar archivos a los que no debería tener acceso. ID de IBM X-Force: 120275. • http://www.ibm.com/support/docview.wss?uid=swg22004273 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •