Page 9 of 52 results (0.009 seconds)

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

IBM Sterling B2B Integrator Standard Edition 5.2.0.1, 5.2.6.3_6, 6.0.0.0, and 6.0.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 147294. IBM Sterling B2B Integrator Standard Edition versiones 5.2.0.1, 5.2.6.3_6, 6.0.0.0 y 6.0.0.1 utiliza algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente sensible. IBM X-Force ID: 147294. • https://exchange.xforce.ibmcloud.com/vulnerabilities/147294 https://www.ibm.com/support/docview.wss?uid=ibm10880601 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0

IBM Sterling B2B Integrator Standard Edition 5.2.0 snf 6.0.0.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 156239. IBM Sterling B2B Integrator Standard Edition 5.2.0 snf 6.0.0.0 es vulnerable a ataques de XML External Entity Injection (XXE) al procesar datos XML. Un atacante remoto podría explotar esta vulnerabilidad para exponer información sensible o consumir recursos de la memoria. • http://www.securityfocus.com/bid/107778 https://exchange.xforce.ibmcloud.com/vulnerabilities/156239 https://www.ibm.com/support/docview.wss?uid=ibm10874238 • CWE-611: Improper Restriction of XML External Entity Reference •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-ForceID: 155905. IBM Sterling B2B Integrator, desde la versión 5.2.0.1 hasta la 6.0.0.0, es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • http://www.securityfocus.com/bid/107223 https://exchange.xforce.ibmcloud.com/vulnerabilities/155905 https://www.ibm.com/support/docview.wss?uid=ibm10874246 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-force ID: 155907. IBM Sterling B2B Integrator, desde la versión 5.2.0.1 hasta la 6.0.0.0, es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • http://www.securityfocus.com/bid/107223 https://exchange.xforce.ibmcloud.com/vulnerabilities/155907 https://www.ibm.com/support/docview.wss?uid=ibm10874246 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 Standard Edition could allow highly sensitive information to be transmitted in plain text. An attacker could obtain this information using man in the middle techniques. IBM X-ForceID: 157008. IBM Sterling B2B Integrator, desde la versión 5.2.0.1 hasta la 6.0.0.0, en su edición estándar, podría permitir que se transmita información sensible en texto plano. Un atacante podría obtener esta información empleando técnicas Man-in-the-Middle (MitM). • http://www.securityfocus.com/bid/107310 https://exchange.xforce.ibmcloud.com/vulnerabilities/157008 https://www.ibm.com/support/docview.wss?uid=ibm10874234 • CWE-319: Cleartext Transmission of Sensitive Information •