Total
180 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-31914 | 3 Ibm, Linux, Microsoft | 4 Aix, Sterling B2b Integrator, Linux Kernel and 1 more | 2025-09-29 | N/A | 6.4 MEDIUM |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2025-33008 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2025-09-18 | N/A | 5.4 MEDIUM |
| IBM Sterling B2B Integrator 6.2.1.0 and IBM Sterling File Gateway 6.2.1.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2025-2988 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2025-09-17 | N/A | 2.7 LOW |
| IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7, 6.2.0.0 through 6.2.0.4, and 6.2.1.0 could disclose sensitive server information to an unauthorized user that could aid in further attacks against the system. | |||||
| CVE-2025-2667 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2025-09-10 | N/A | 2.7 LOW |
| IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.7_1 and 6.2.0.0 through 6.2.0.4 and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7_1 and 6.2.0.0 through 6.2.0.4 could disclose sensitive system information about the server to a privileged user that could aid in further attacks against the system. | |||||
| CVE-2025-2694 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2025-09-10 | N/A | 4.8 MEDIUM |
| IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.7_1 and 6.2.0.0 through 6.2.0.4 and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7_1 and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2025-33014 | 3 Ibm, Linux, Microsoft | 5 Aix, Sterling B2b Integrator, Sterling File Gateway and 2 more | 2025-08-02 | N/A | 5.4 MEDIUM |
| IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.4 uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive information or perform unauthorized actions on the victims’ web browser. | |||||
| CVE-2025-2793 | 3 Ibm, Linux, Microsoft | 5 Aix, Sterling B2b Integrator, Sterling File Gateway and 2 more | 2025-08-02 | N/A | 5.4 MEDIUM |
| IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2025-3630 | 3 Ibm, Linux, Microsoft | 5 Aix, Sterling B2b Integrator, Sterling File Gateway and 2 more | 2025-08-02 | N/A | 6.4 MEDIUM |
| IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6, and 6.2.0.0 through 6.2.0.4 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2024-52905 | 3 Ibm, Linux, Microsoft | 4 Aix, Sterling B2b Integrator, Linux Kernel and 1 more | 2025-07-25 | N/A | 2.7 LOW |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 could disclose sensitive database information to a privileged user. | |||||
| CVE-2025-1349 | 3 Ibm, Linux, Microsoft | 5 Aix, Sterling B2b Integrator, Sterling File Gateway and 2 more | 2025-07-25 | N/A | 5.5 MEDIUM |
| IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2025-1348 | 3 Ibm, Linux, Microsoft | 5 Aix, Sterling B2b Integrator, Sterling File Gateway and 2 more | 2025-07-25 | N/A | 4.0 MEDIUM |
| IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 could allow a local user to obtain sensitive information from a user’s web browser cache due to not using a suitable caching policy. | |||||
| CVE-2024-54172 | 3 Ibm, Linux, Microsoft | 5 Aix, Sterling B2b Integrator, Sterling File Gateway and 2 more | 2025-07-25 | N/A | 4.3 MEDIUM |
| IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | |||||
| CVE-2024-54183 | 3 Ibm, Linux, Microsoft | 5 Aix, Sterling B2b Integrator, Sterling File Gateway and 2 more | 2025-07-25 | N/A | 5.4 MEDIUM |
| IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2024-56338 | 1 Ibm | 1 Sterling B2b Integrator | 2025-05-12 | N/A | 4.8 MEDIUM |
| IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 is vulnerable to cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2016-9983 | 1 Ibm | 1 Sterling B2b Integrator | 2025-04-20 | 3.5 LOW | 5.3 MEDIUM |
| IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user with special privileges to view files that they should not have access to. IBM X-Force ID: 120275. | |||||
| CVE-2017-1482 | 1 Ibm | 1 Sterling B2b Integrator | 2025-04-20 | 3.5 LOW | 5.4 MEDIUM |
| IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128620. | |||||
| CVE-2017-1349 | 1 Ibm | 1 Sterling B2b Integrator | 2025-04-20 | 2.1 LOW | 5.5 MEDIUM |
| IBM Sterling B2B Integrator Standard Edition 5.2 stores potentially sensitive information from HTTP sessions that could be read by a local user. IBM X-Force ID: 126525. | |||||
| CVE-2017-1496 | 1 Ibm | 1 Sterling B2b Integrator | 2025-04-20 | 3.5 LOW | 5.4 MEDIUM |
| IBM Sterling B2B Integrator Standard Edition 5.2.x is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 128694. | |||||
| CVE-2017-1481 | 1 Ibm | 1 Sterling B2b Integrator | 2025-04-20 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Sterling B2B Integrator Standard Edition 5.2 allows a user to view sensitive information that belongs to another user. IBM X-Force ID: 128619. | |||||
| CVE-2016-0210 | 1 Ibm | 1 Sterling B2b Integrator | 2025-04-20 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to obtain sensitive information. By allowing HTTP OPTIONS method, a remote attacker could send a specially-crafted query to a vulnerable server running to cause the server to disclose sensitive information in the HTTP response. | |||||