CVSS: 3.3EPSS: 0%CPEs: 6EXPL: 0CVE-2025-2988 – IBM Sterling B2B Integrator and IBM Sterling File Gateway information disclosure
https://notcve.org/view.php?id=CVE-2025-2988
19 Aug 2025 — IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7, 6.2.0.0 through 6.2.0.4, and 6.2.1.0 could disclose sensitive server information to an unauthorized user that could aid in further attacks against the system. • https://www.ibm.com/support/pages/node/7242391 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-33008 – IBM Sterling B2B Integrator and IBM Sterling File Gateway cross-site scripting
https://notcve.org/view.php?id=CVE-2025-33008
19 Aug 2025 — IBM Sterling B2B Integrator 6.2.1.0 and IBM Sterling File Gateway 6.2.1.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Sterling B2B Integrator 6.2.1.0 and IBM Sterling File Gateway 6.2.1.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScrip... • https://www.ibm.com/support/pages/node/7242392 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.1EPSS: 0%CPEs: 2EXPL: 0CVE-2018-1800
https://notcve.org/view.php?id=CVE-2018-1800
20 Sep 2018 — IBM Sterling B2B Integrator Standard Edition 5.2.6.0 and 6.2.6.1 could allow a local user to obtain highly sensitive information during a short time period when installation is occurring. IBM X-Force ID: 149607. IBM Sterling B2B Integrator Standard Edition 5.2.6.0 y 6.2.6.1 podría permitir que un usuario local obtenga información altamente sensible durante un corto periodo de tiempo mientras se está instalando. IBM X-Force ID: 149607. • https://exchange.xforce.ibmcloud.com/vulnerabilities/149607 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •