Vulnerability Details CVE-2013-0539
An unspecified third-party component in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 uses short session ID values, which makes it easier for remote attackers to hijack sessions, and consequently obtain sensitive information, via a brute-force attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.7%
CVSS Severity
CVSS v2 Score 5.0
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC92007
- http://www-01.ibm.com/support/docview.wss?uid=swg21640830
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82916
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC92007
- http://www-01.ibm.com/support/docview.wss?uid=swg21640830
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82916
Products affected by CVE-2013-0539
-
cpe:2.3:a:ibm:sterling_b2b_integrator:5.1
-
cpe:2.3:a:ibm:sterling_b2b_integrator:5.2
-
cpe:2.3:a:ibm:sterling_file_gateway:2.1
-
cpe:2.3:a:ibm:sterling_file_gateway:2.2