CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-6020

IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.6%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 5.8

References

Products affected by CVE-2016-6020

Ibm » Sterling B2b Integrator » Version: 5.2

cpe:2.3:a:ibm:sterling_b2b_integrator:5.2
Ibm » Sterling B2b Integrator » Version: 5.2.1

cpe:2.3:a:ibm:sterling_b2b_integrator:5.2.1
Ibm » Sterling B2b Integrator » Version: 5.2.2

cpe:2.3:a:ibm:sterling_b2b_integrator:5.2.2
Ibm » Sterling B2b Integrator » Version: 5.2.4

cpe:2.3:a:ibm:sterling_b2b_integrator:5.2.4
Ibm » Sterling B2b Integrator » Version: 5.2.4.1

cpe:2.3:a:ibm:sterling_b2b_integrator:5.2.4.1
Ibm » Sterling B2b Integrator » Version: 5.2.4.2

cpe:2.3:a:ibm:sterling_b2b_integrator:5.2.4.2
Ibm » Sterling B2b Integrator » Version: 5.2.5

cpe:2.3:a:ibm:sterling_b2b_integrator:5.2.5
Ibm » Sterling B2b Integrator » Version: 5.2.6

cpe:2.3:a:ibm:sterling_b2b_integrator:5.2.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-6020

Products

Pricing

Contact Us