Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Sterling B2b Integrator  Security Vulnerabilities
CVE-2015-7438
IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive cleartext web-services information by leveraging database access.
CVSS Score
4.7
EPSS Score
0.0
Published
2016-01-02
CVE-2015-7437
Queue Watcher in IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive information via unspecified vectors.
CVSS Score
5.5
EPSS Score
0.0
Published
2016-01-02
CVE-2015-7431
Cross-site scripting (XSS) vulnerability in Queue Watcher in IBM Sterling B2B Integrator 5.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVSS Score
6.1
EPSS Score
0.002
Published
2016-01-02
CVE-2015-7410
The Health Check tool in IBM Sterling B2B Integrator 5.2 does not properly use cookies in conjunction with HTTPS sessions, which allows man-in-the-middle attackers to obtain sensitive information or modify data via unspecified vectors.
CVSS Score
7.4
EPSS Score
0.002
Published
2016-01-01
CVE-2015-5019
IBM Sterling Integrator 5.1 before 5010004_8 and Sterling B2B Integrator 5.2 before 5020500_9 allow remote authenticated users to read or upload files by leveraging a password-change requirement.
CVSS Score
5.5
EPSS Score
0.001
Published
2015-11-08
CVE-2015-4992
IBM Sterling B2B Integrator 5.2 before 5020500_8 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors.
CVSS Score
3.5
EPSS Score
0.001
Published
2015-10-06
CVE-2014-6199
The HTTP Server Adapter in IBM Sterling B2B Integrator 5.1 and 5.2.x and Sterling File Gateway 2.1 and 2.2 allows remote attackers to cause a denial of service (connection-slot exhaustion) via a crafted HTTP request.
CVSS Score
5.0
EPSS Score
0.019
Published
2015-01-10
CVE-2014-6146
IBM Sterling B2B Integrator 5.2.x through 5.2.4, when the Connect:Direct Server Adapter is configured, does not properly process the logging configuration, which allows local users to obtain sensitive information by reading log files.
CVSS Score
1.9
EPSS Score
0.001
Published
2014-11-08
CVE-2014-6099
The Change Password feature in IBM Sterling B2B Integrator 5.2.x through 5.2.4 does not have a lockout protection mechanism for invalid login requests, which makes it easier for remote attackers to obtain admin access via a brute-force approach.
CVSS Score
5.0
EPSS Score
0.003
Published
2014-10-26
CVE-2013-5413
IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not invalidate a session upon a logout action, which allows remote attackers to bypass authentication by leveraging an unattended workstation.
CVSS Score
4.3
EPSS Score
0.003
Published
2013-12-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved