Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Sterling B2b Integrator  >> 5.2  Security Vulnerabilities
CVE-2017-1174
IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 123296.
CVSS Score
8.8
EPSS Score
0.006
Published
2017-08-10
CVE-2017-1192
IBM Sterling B2B Integrator 5.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose highly sensitive information or consume memory resources. IBM X-Force ID: 123663.
CVSS Score
8.2
EPSS Score
0.005
Published
2017-08-10
CVE-2015-0194
XML External Entity (XXE) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and IBM Sterling File Gateway 2.1 and 2.2 allows remote attackers to read arbitrary files via a crafted XML data.
CVSS Score
6.5
EPSS Score
0.002
Published
2017-08-02
CVE-2017-1496
IBM Sterling B2B Integrator Standard Edition 5.2.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128694.
CVSS Score
5.4
EPSS Score
0.002
Published
2017-07-31
CVE-2016-5893
IBM Sterling B2B Integrator Standard Edition 5.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 115336.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-06-23
CVE-2017-1131
IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user to obtain sensitive information by using unsupported, specially crafted HTTP commands. IBM X-Force ID: 121375.
CVSS Score
6.5
EPSS Score
0.002
Published
2017-06-23
CVE-2017-1132
IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 121418.
CVSS Score
5.4
EPSS Score
0.003
Published
2017-06-23
CVE-2017-1193
IBM Sterling B2B Integrator Standard Edition 5.2 could allow user to obtain sensitive information using an HTTP GET request. IBM X-Force ID: 123667.
CVSS Score
6.5
EPSS Score
0.003
Published
2017-06-23
CVE-2017-1302
IBM Sterling B2B Integrator Standard Edition 5.2 could allow a local user view sensitive information due to improper access controls. IBM X-Force ID: 125456.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-06-23
CVE-2017-1347
IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 126462.
CVSS Score
8.8
EPSS Score
0.006
Published
2017-06-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved