threat
engine
.sh
Back
·
··:··
Home
/
Product
/
ibm sterling b2b integrator
Product
ibm sterling b2b integrator
195 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2026-1264
>= 6.1.0.0 and < 6.1.2.8
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, 6.2.1.0 through
7.1
HIGH
CVE-2025-14031
>= 6.1.0.0 and < 6.1.2.8
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, 6.2.1.0 thro
7.5
HIGH
CVE-2026-0835
>= 6.1.0.0 and < 6.1.2.8
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, 6.2.1.0 through
5.4
MEDIUM
CVE-2025-36368
>= 6.1.0.0 and < 6.1.2.8
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, and 6.2.1.0 throug
6.5
MEDIUM
CVE-2025-14504
>= 6.1.0.0 and < 6.1.2.8
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, 6.2.1.0 through 6.
5.4
MEDIUM
CVE-2025-14483
>= 6.1.0.0 and < 6.1.2.8
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5_1, 6.2.1.0 through
4.3
MEDIUM
CVE-2023-40693
>= 6.1.0.0 and < 6.1.2.8
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, and 6.2.0.0 through 6.2.0.5_1, 6.2.1.0 thro
5.4
MEDIUM
CVE-2025-36348
>= 6.1.0.0 and < 6.1.2.8
IBM Sterling B2B Integrator versions 6.1.0.0 through 6.1.2.7_2, 6.2.0.0 through 6.2.0.5, and 6.2.1.0 through 6.2.1.1, and IBM Ster
4.9
MEDIUM
CVE-2025-36134
>= 6.0.0.0 and < 6.1.2.7_2
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could d
3.7
LOW
CVE-2025-36112
>= 6.0.0.0 and < 6.1.2.7_2
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could r
5.3
MEDIUM
CVE-2025-36135
>= 6.0.0.0 and <= 6.1.2.7_1
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.7_1, 6.2.0.0 through 6.2.0.5, and 6.2.1.0 and IBM Sterling File Gateway 6.0.0.0
5.4
MEDIUM
CVE-2025-36002
>= 6.2.0.0 and < 6.2.0.5_1
IBM Sterling B2B Integrator 6.2.0.0 through 6.2.0.5, and 6.2.1.0 and IBM Sterling File Gateway 6.2.0.0 through 6.2.0.5, and 6.2.1.
5.5
MEDIUM
CVE-2025-2694
>= 6.0.0.0 and < 6.1.2.7_2
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.7_1 and 6.2.0.0 through 6.2.0.4 and IBM Sterling File Gateway 6.0.0.0 through 6.
4.8
MEDIUM
CVE-2025-2667
>= 6.0.0.0 and < 6.1.2.7_2
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.7_1 and 6.2.0.0 through 6.2.0.4 and IBM Sterling File Gateway 6.0.0.0 through 6.
2.7
LOW
CVE-2025-2988
>= 6.0.0.0 and < 6.1.2.7_1
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7, 6.2.0.0 through 6.2.0.4, and 6.2.1.0 could disc
2.7
LOW
CVE-2025-33008
all versions
IBM Sterling B2B Integrator 6.2.1.0 and IBM Sterling File Gateway 6.2.1.0 is vulnerable to cross-site scripting. This vulnerabil
5.4
MEDIUM
CVE-2025-33014
>= 6.0.0.0 and < 6.1.2.7_1
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.4 uses a web link wit
5.4
MEDIUM
CVE-2025-3630
>= 6.0.0.0 and < 6.1.2.7_1
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6,
6.4
MEDIUM
CVE-2025-2793
>= 6.0.0.0 and < 6.1.2.7_1
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6.2.0.4, IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6,
5.4
MEDIUM
CVE-2025-1349
>= 6.0.0.0 and < 6.1.2.7
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to s
5.5
MEDIUM
CVE-2025-1348
>= 6.0.0.0 and < 6.1.2.7
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 could allow a local
4.0
MEDIUM
CVE-2024-54172
>= 6.0.0.0 and < 6.1.2.7
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to cro
4.3
MEDIUM
CVE-2024-54183
>= 6.0.0.0 and < 6.1.2.7
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.4 is vulnerable to cro
5.4
MEDIUM
CVE-2024-56338
>= 6.0.0.0 and <= 6.1.2.6
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 is vulnerable to cross-site scrip
4.8
MEDIUM
CVE-2024-52905
>= 6.0.0.0 and < 6.1.2.7
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.6 and 6.2.0.0 through 6.2.0.3 could disclose sensitive database
2.7
LOW
CVE-2024-49807
>= 6.0.0.0 and <= 6.1.2.5
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to stored cross-sit
6.4
MEDIUM
CVE-2024-47116
>= 6.0.0.0 and <= 6.1.2.5
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to cross-site scrip
5.4
MEDIUM
CVE-2024-47103
>= 6.0.0.0 and <= 6.1.2.5
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to cross-site scrip
4.8
MEDIUM
CVE-2024-45089
>= 6.0.0.0 and <= 6.1.2.5
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition EBICS server could allow an authe
4.3
MEDIUM
CVE-2024-40696
>= 6.0.0.0 and <= 6.1.2.5
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition is vulnerable to cross-site scrip
4.8
MEDIUM
CVE-2023-38739
>= 6.0.0.0 and <= 6.1.2.5
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 is vulnerable to cross-site request forgery which
4.3
MEDIUM
CVE-2024-27263
>= 6.0.0.0 and <= 6.1.2.5
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to obtain sensit
5.3
MEDIUM
CVE-2023-50316
>= 6.0.0.0 and <= 6.1.2.5
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 is vulnerable to SQL injection. A remote attacker
6.3
MEDIUM
CVE-2023-50309
>= 6.0.0.0 and <= 6.1.2.5
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to stored cross-site scripting. This vulnerability
6.4
MEDIUM
CVE-2023-32340
>= 6.0.0.0 and <= 6.1.2.5
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows u
4.6
MEDIUM
CVE-2024-31903
>= 6.0.0.0 and <= 6.1.2.5
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 allow an attacker on the local n
8.8
HIGH
CVE-2024-31914
>= 6.0.0.0 and <= 6.1.2.5
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 is vulnerable to stored cross-sit
6.4
MEDIUM
CVE-2024-31913
>= 6.0.0.0 and <= 6.1.2.5
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 is vulnerable to stored cross-sit
5.5
MEDIUM
CVE-2021-20553
>= 5.2.0.0 and <= 6.1.1.0
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability all
5.4
MEDIUM
CVE-2023-42010
>= 6.0.0.0 and <= 6.1.2.5
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 could disclose sensitive informat
3.1
LOW
CVE-2023-42014
>= 6.0.0.0 and <= 6.2.0.2
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.2.0.2 is vulnerable to cross-site scripting. This vulnerability all
5.4
MEDIUM
CVE-2023-42011
all versions
IBM Sterling B2B Integrator Standard Edition 6.1 and 6.2 does not restrict or incorrectly restricts frame objects or UI layers tha
4.3
MEDIUM
CVE-2024-22357
>= 6.0.0.0 and <= 6.0.3.9
IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. T
5.4
MEDIUM
CVE-2023-50307
>= 6.0.0.0 and <= 6.0.3.9
IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. T
5.4
MEDIUM
CVE-2023-45186
>= 6.0.0.0 and <= 6.0.3.9
IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.9, 6.1.0.0 through 6.1.2.3, and 6.2.0.0 is vulnerable to cross-site scripting. T
4.8
MEDIUM
CVE-2023-42016
>= 6.0.0.0 and <= 6.0.3.8
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 does not set the secure attribute
4.3
MEDIUM
CVE-2023-32341
>= 6.0.0.0 and <= 6.0.3.8
IBM Sterling B2B Integrator 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.3 could allow an authenticated user to cause a denia
6.5
MEDIUM
CVE-2023-25682
>= 6.0.0.0 and < 6.0.3.9
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 stores potentially sensitive info
6.2
MEDIUM
CVE-2022-35638
>= 6.0.0.0 and < 6.0.3.9
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 is vulnerable to cross-site reque
4.3
MEDIUM
CVE-2023-22876
>= 6.0.0.0 and < 6.0.3.8
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.1 could allow a privileged user to
4.3
MEDIUM
CVE-2022-43578
>= 6.0.0.0 and <= 6.0.3.7
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scrip
4.6
MEDIUM
CVE-2022-43579
>= 6.0.0.0 and <= 6.0.3.7
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scrip
4.6
MEDIUM
CVE-2022-40231
>= 6.0.0.0 and <= 6.0.3.7
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 could allow an authenticated user
4.3
MEDIUM
CVE-2022-40232
>= 6.1.0.0 and <= 6.1.1.1
IBM Sterling B2B Integrator Standard Edition 6.1.0.0 through 6.1.1.1, and 6.1.2.0 could allow an authenticated user to perform act
6.3
MEDIUM
CVE-2022-34330
>= 6.0.0.0 and <= 6.0.3.6
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to cross-site scripting. This vulnerability all
6.1
MEDIUM
CVE-2022-22371
>= 6.0.0.0 and <= 6.0.3.6
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 does not invalidate session after a password change which cou
5.5
MEDIUM
CVE-2022-43920
>= 6.0.0.0 and < 6.0.3.7
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 could allow an authenticated user to gain privileges in a dif
6.3
MEDIUM
CVE-2022-22352
>= 6.0.0.0 and < 6.0.3.7
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to cross-site scripting. This vulnerability all
5.4
MEDIUM
CVE-2022-22338
>= 6.0.0.0 and < 6.0.3.7
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to SQL injection. A remote attacker could send
6.3
MEDIUM
CVE-2022-22337
>= 6.0.0.0 and < 6.0.3.7
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 could disclose sensitive information to an authenticated user
4.3
MEDIUM
CVE-2021-38928
>= 6.0.0.0 and < 6.0.3.7
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 uses Cross-Origin Resource Sharing (CORS) which could allow a
5.4
MEDIUM
CVE-2021-39087
>= 6.0.0.0 and < 6.0.3.6
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 could a
6.5
MEDIUM
CVE-2021-39085
>= 6.0.0.0 and < 6.0.3.6
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 is vuln
9.8
CRITICAL
CVE-2021-39035
>= 6.0.0.0 and < 6.0.3.6
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.4, and 6.1.1.0 through 6.1.1.1 is vuln
5.4
MEDIUM
CVE-2021-38954
>= 6.0.0.0 and <= 6.0.3.5
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could disclose sensitive version
4.3
MEDIUM
CVE-2022-22482
>= 6.0.0.0 and <= 6.0.3.5
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow an authenticated user
6.5
MEDIUM
CVE-2021-39033
>= 6.0.0.0 and < 6.0.3.6
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could allow a remote attacker to
6.5
MEDIUM
CVE-2020-4668
>= 6.0.0.0 and <= 6.0.3.5
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.3, and 6.1.1.0 is vulnerable to cross-
8.8
HIGH
CVE-2021-29700
>= 5.2.0.0 and <= 5.2.6.5_4
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authneticated attacker to obtain sensitive inf
4.3
MEDIUM
CVE-2021-20584
>= 2.2.0.0 and <= 5.2.6.5_4
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote attacker to upload arbitrary files, caused by improper acce
7.5
HIGH
CVE-2021-20571
>= 5.2.0.0 and <= 5.2.6.5_4
IBM Sterling B2B Integrator 5.2.0.0 through 6.1.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users
5.4
MEDIUM
CVE-2021-20561
>= 2.2.0.0 and <= 5.2.6.5_4
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed
6.1
MEDIUM
CVE-2021-20376
>= 2.2.0.0 and <= 5.2.6.5_3
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated attacker to enumerate usernames due to there being
4.3
MEDIUM
CVE-2021-20375
>= 2.2.0.0 and <= 5.2.6.5_3
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated user to intercept and replace a message sent by ano
6.5
MEDIUM
CVE-2021-20372
>= 2.2.0.0 and <= 5.2.6.5_3
IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow a remote authenticated user to cause a denial of another user's serv
4.3
MEDIUM
CVE-2021-38925
>= 5.2.0.0 and <= 6.0.3.4
IBM Sterling B2B Integrator Standard Edition 5.2.0. 0 through 6.1.1.0 uses weaker than expected cryptographic algorithms that coul
7.5
HIGH
CVE-2021-29903
>= 5.2.6.0 and <= 6.0.3.4
IBM Sterling B2B Integrator Standard Edition 5.2.6.0 through 6.1.1.0 is vulnerable to SQL injection. A remote attacker could send
9.8
CRITICAL
CVE-2021-29855
>= 5.2.0.0 and <= 6.0.3.4
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability all
5.4
MEDIUM
CVE-2021-29837
>= 5.2.0.0 and <= 6.0.3.4
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 is vulnerable to cross-site request forgery which could allow
8.8
HIGH
CVE-2021-29836
>= 5.2.0.0 and <= 6.0.3.4
IBM Sterling B2B Integrator Standard Edition 5.2.0.0. through 6.1.1.0 is vulnerable to cross-site scripting. This vulnerability al
5.4
MEDIUM
CVE-2021-29798
>= 6.0.0.0 and <= 6.0.3.4
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.1.0 is vulnerable to SQL injection. A remote attacker could send
9.8
CRITICAL
CVE-2021-29764
>= 5.2.0.0 and <= 6.1.0.3
IBM Sterling B2B Integrator 5.2.0.0 through 6.1.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users
5.4
MEDIUM
CVE-2021-29761
>= 5.2.0.0 and <= 6.1.0.3
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated user to obtain sensitive informa
4.3
MEDIUM
CVE-2021-29760
>= 5.2.0.0 and <= 6.1.0.3
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated user to download unauthorized fi
4.3
MEDIUM
CVE-2021-29758
>= 5.2.0.0 and <= 6.1.0.3
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated user to perform actions that the
4.3
MEDIUM
CVE-2021-20562
>= 5.2.0.0 and <= 5.2.6.5_3
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_3 and 6.1.0.0 through 6.1.0.2 vulnerable to cross-site script
5.4
MEDIUM
CVE-2020-4646
>= 5.2.0.0 and <= 5.2.6.5
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5, 6.0.0.0 through 6.0.3.3, and 6.1.0.0 through 6.1.0.2 could a
4.3
MEDIUM
CVE-2020-4762
>= 5.2.0.0 and <= 5.2.6.5_2
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow an authen
8.8
HIGH
CVE-2020-4761
>= 5.2.0.0 and <= 5.2.6.5_2
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow a remote
5.3
MEDIUM
CVE-2019-4728
>= 5.2.0.0 and <= 5.2.6.5_2
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow a remote
8.8
HIGH
CVE-2020-4657
>= 5.2.0.0 and <= 6.0.3.2
IBM Sterling B2B Integrator 5.2.0.0 through 6.0.3.2 Standard Edition is vulnerable to cross-site scripting. This vulnerability all
6.1
MEDIUM
CVE-2019-4738
>= 5.2.0.0 and <= 5.2.6.5
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.1 discloses sensitive information t
6.5
MEDIUM
CVE-2020-4937
>= 5.2.0.0 and <= 6.0.3.2
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.2 uses weaker than expected cryptographic algorithms that could
7.5
HIGH
CVE-2020-4705
>= 5.2.0.0 and <= 5.2.6.5
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site scrip
4.8
MEDIUM
CVE-2020-4700
>= 5.2.0.0 and <= 5.2.6.5
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 could allow an authenticated user
8.8
HIGH
CVE-2020-4692
>= 5.2.0.0 and <= 5.2.6.5
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 could allow an authenticated user
6.5
MEDIUM
CVE-2020-4671
>= 5.2.0.0 and <= 5.2.6.5
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 stores potentially sensitive info
6.5
MEDIUM
CVE-2020-4655
>= 5.2.0.0 and <= 5.2.6.5
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 is vulnerable to SQL injection. A
8.8
HIGH
CVE-2020-4566
>= 5.2.6.0 and <= 5.2.6.5
IBM Sterling B2B Integrator Standard Edition 5.2.6.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.2 stores potentially highly sensiti
6.5
MEDIUM
CVE-2020-4475
>= 5.2.0.0 and <= 5.2.6.5
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.2 could allow a remote attacker to
6.5
MEDIUM
CVE-2020-4564
>= 5.2.0.0 and <= 6.0.3.1
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.1 and IBM Sterling File Gateway 2.2.0.0 through 6.0.3.1 are vul
5.4
MEDIUM
CVE-2019-4680
>= 5.2.0.0 and <= 6.0.2.2
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.2.2 is vulnerable to SQL injection. A remote attacker could send
8.8
HIGH
CVE-2020-4312
>= 5.2.0.0 and <= 5.2.6.5
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 trough 6.0.3.1 could allow an authenticated user to obtain sensitive informat
4.3
MEDIUM
CVE-2019-4726
>= 5.2.0.0 and <= 6.0.3.0
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site request forgery which could allow
4.3
MEDIUM
CVE-2019-4598
>= 5.2.0.0 and <= 5.2.6.5
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to SQL injection. A remote attacker could send
6.3
MEDIUM
CVE-2019-4597
>= 5.2.0.0 and <= 5.2.6.5
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to SQL injection. A remote attacker could send
6.3
MEDIUM
CVE-2019-4596
>= 5.2.0.0 and <= 5.2.6.5
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site scripting. This vulnerability all
5.4
MEDIUM
CVE-2019-4595
>= 5.2.0.0 and <= 5.2.6.5
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 could allow a remote attacker to conduct phishing attacks, us
6.1
MEDIUM
CVE-2019-4387
>= 6.0.0.0 and <= 6.0.2.0
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.2.0 is vulnerable to SQL injection. A remote attacker could send
8.8
HIGH
CVE-2019-4377
>= 5.2.0.0 and <= 6.0.0.1
IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 reveals sensitive information from a stack trace that could be used in further att
4.3
MEDIUM
CVE-2019-4258
all versions
IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows
5.4
MEDIUM
CVE-2019-4222
all versions
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 could allow an authenticated user to view process definition of a
4.3
MEDIUM
CVE-2019-4148
all versions
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows
5.4
MEDIUM
CVE-2019-4146
all versions
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 could allow an authenticated user to obtain sensitive document in
3.1
LOW
CVE-2019-4077
all versions
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows
5.4
MEDIUM
CVE-2019-4076
all versions
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows
5.4
MEDIUM
CVE-2019-4075
all versions
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows
5.4
MEDIUM
CVE-2019-4074
all versions
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows
5.4
MEDIUM
CVE-2019-4073
all versions
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows
5.4
MEDIUM
CVE-2018-1720
all versions
IBM Sterling B2B Integrator Standard Edition 5.2.0.1, 5.2.6.3_6, 6.0.0.0, and 6.0.0.1 uses weaker than expected cryptographic algo
5.9
MEDIUM
CVE-2019-4043
>= 5.2 and <= 5.2.6.4
IBM Sterling B2B Integrator Standard Edition 5.2.0 snf 6.0.0.0 is vulnerable to an XML External Entity Injection (XXE) attack when
7.1
HIGH
CVE-2019-4063
>= 5.2.0.1 and <= 6.0.0.0
IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 Standard Edition could allow highly sensitive information to be transmitted in
5.9
MEDIUM
CVE-2019-4029
>= 5.2.0.1 and <= 6.0.0.0
IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embe
5.4
MEDIUM
CVE-2019-4028
>= 5.2.0.1 and <= 6.0.0.0
IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embe
5.4
MEDIUM
CVE-2019-4027
>= 5.2.0.1 and <= 6.0.0.0
IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embe
5.4
MEDIUM
CVE-2018-1800
>= 5.2.6.0 and <= 5.2.6.3
IBM Sterling B2B Integrator Standard Edition 5.2.6.0 and 6.2.6.1 could allow a local user to obtain highly sensitive information d
5.1
MEDIUM
CVE-2018-1718
>= 5.2.0.1 and <= 5.2.6.3
IBM Sterling B2B Integrator Standard Edition 5.2.0.1 - 5.2.6.3 is vulnerable to cross-site scripting. This vulnerability allows us
5.4
MEDIUM
CVE-2018-1513
> 5.2 and <= 5.2.6
IBM Sterling B2B Integrator Standard Edition 5.2.0 through 5.2.6 is vulnerable to cross-site scripting. This vulnerability allows
5.4
MEDIUM
CVE-2018-1679
>= 5.2.0.1 and <= 5.2.6.3
IBM Sterling B2B Integrator Standard Edition 5.2 through 5.2.6 could allow an unauthenticated user to obtain sensitive information
5.3
MEDIUM
CVE-2018-1564
>= 5.2.0.1 and <= 5.2.6.3
IBM Sterling B2B Integrator Standard Edition 5.2 through 5.2.6 could allow a local user with administrator privileges to obtain us
4.4
MEDIUM
CVE-2018-1563
>= 5.2.0.1 and <= 5.2.6.3
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) is vulnerable to cross-site scripting
5.4
MEDIUM
CVE-2017-1633
>= 5.2.0.1 and <= 5.2.6.3
IBM Sterling B2B Integrator 5.2 through 5.2.6 could allow an authenticated attacker to obtain sensitive variable name information
4.3
MEDIUM
CVE-2014-0927
all versions
The ActiveMQ admin user interface in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote a
8.1
HIGH
CVE-2014-0912
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote attackers to obtain sensitive product i
5.3
MEDIUM
CVE-2017-1482
all versions
IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed a
5.4
MEDIUM
CVE-2017-1481
all versions
IBM Sterling B2B Integrator Standard Edition 5.2 allows a user to view sensitive information that belongs to another user. IBM X-F
4.3
MEDIUM
CVE-2017-1192
all versions
IBM Sterling B2B Integrator 5.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote
8.2
HIGH
CVE-2017-1174
all versions
IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQ
8.8
HIGH
CVE-2015-0194
all versions
XML External Entity (XXE) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and IBM Sterling File Gateway 2.1 and 2.2 allow
6.5
MEDIUM
CVE-2017-1496
all versions
IBM Sterling B2B Integrator Standard Edition 5.2.x is vulnerable to cross-site scripting. This vulnerability allows users to embed
5.4
MEDIUM
CVE-2017-1349
all versions
IBM Sterling B2B Integrator Standard Edition 5.2 stores potentially sensitive information from HTTP sessions that could be read by
5.5
MEDIUM
CVE-2017-1348
all versions
IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed a
5.4
MEDIUM
CVE-2017-1347
all versions
IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQ
8.8
HIGH
CVE-2017-1302
all versions
IBM Sterling B2B Integrator Standard Edition 5.2 could allow a local user view sensitive information due to improper access contro
5.5
MEDIUM
CVE-2017-1193
all versions
IBM Sterling B2B Integrator Standard Edition 5.2 could allow user to obtain sensitive information using an HTTP GET request. IBM X
6.5
MEDIUM
CVE-2017-1132
all versions
IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed a
5.4
MEDIUM
CVE-2017-1131
all versions
IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user to obtain sensitive information by using unsupp
6.5
MEDIUM
CVE-2016-5893
all versions
IBM Sterling B2B Integrator Standard Edition 5.2 allows web pages to be stored locally which can be read by another user on the sy
5.5
MEDIUM
CVE-2017-1326
all versions
IBM Sterling File Gateway does not properly restrict user requests based on permission level. This allows for users to update data
4.3
MEDIUM
CVE-2016-9983
all versions
IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user with special privileges to view files that they
5.3
MEDIUM
CVE-2016-9982
all versions
IBM Sterling B2B Integrator Standard Edition 5.2 could allow an authenticated user to obtain sensitive information such as account
6.5
MEDIUM
CVE-2016-0210
all versions
IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to obtain sensitive information. By allowing HTTP OPTIO
5.3
MEDIUM
CVE-2016-6020
all versions
IBM Sterling B2B Integrator Standard Edition could allow a remote attacker to conduct phishing attacks, using an open redirect att
6.1
MEDIUM
CVE-2016-5890
all versions
IBM Sterling B2B Integrator 5.2 before 5020500_14 and 5.2 06 before 5020602_1 allows remote authenticated users to change arbitrar
5.3
MEDIUM
CVE-2016-3057
all versions
Cross-site scripting (XSS) vulnerability in IBM Sterling B2B Integrator 5.2 before 5020500_14 and 5.2 06 before 5020602_1 allows r
6.1
MEDIUM
CVE-2015-7450
all versions
Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social pro
9.8
CRITICAL
CVE-2015-7438
all versions
IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive cleartext web-services information by leveraging database a
4.7
MEDIUM
CVE-2015-7437
all versions
Queue Watcher in IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive information via unspecified vectors.
5.5
MEDIUM
CVE-2015-7431
all versions
Cross-site scripting (XSS) vulnerability in Queue Watcher in IBM Sterling B2B Integrator 5.2 allows remote attackers to inject arb
6.1
MEDIUM
CVE-2015-7410
all versions
The Health Check tool in IBM Sterling B2B Integrator 5.2 does not properly use cookies in conjunction with HTTPS sessions, which a
7.4
HIGH
CVE-2015-5019
all versions
IBM Sterling Integrator 5.1 before 5010004_8 and Sterling B2B Integrator 5.2 before 5020500_9 allow remote authenticated users to
CVE-2015-4992
all versions
IBM Sterling B2B Integrator 5.2 before 5020500_8 allows remote authenticated users to conduct clickjacking attacks via unspecified
CVE-2014-6199
all versions
The HTTP Server Adapter in IBM Sterling B2B Integrator 5.1 and 5.2.x and Sterling File Gateway 2.1 and 2.2 allows remote attackers
CVE-2014-6146
all versions
IBM Sterling B2B Integrator 5.2.x through 5.2.4, when the Connect:Direct Server Adapter is configured, does not properly process t
CVE-2014-6099
all versions
The Change Password feature in IBM Sterling B2B Integrator 5.2.x through 5.2.4 does not have a lockout protection mechanism for in
CVE-2013-5413
all versions
IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not invalidate a session upon a logout action, which allows remot
CVE-2013-5411
all versions
IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote attackers to inject links and trigger unintended naviga
CVE-2013-5409
all versions
Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote authenticated
CVE-2013-5407
all versions
IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not properly restrict use of FRAME elements, which allows remote
CVE-2013-5406
all versions
Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote
CVE-2013-5405
all versions
Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 allow remote
CVE-2013-0494
all versions
IBM Sterling B2B Integrator 5.0 and 5.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via a cr
CVE-2013-4002
all versions
XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before
CVE-2013-3020
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive
CVE-2013-2987
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive
CVE-2013-2985
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive
CVE-2013-2984
all versions
Directory traversal vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote a
CVE-2013-2982
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to upload arbitrary
CVE-2013-0568
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive
CVE-2013-0567
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive
CVE-2013-0560
all versions
Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remo
CVE-2013-0558
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote attackers to obtain sensitive informati
CVE-2013-0539
all versions
An unspecified third-party component in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 uses short s
CVE-2013-0481
all versions
The console in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to read stack
CVE-2013-0479
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 do not properly restrict file types and extensions,
CVE-2013-0476
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote attackers to inject arbitrary FTP comma
CVE-2013-0475
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive
CVE-2013-0468
all versions
Cross-site scripting (XSS) vulnerability in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows r
CVE-2013-0463
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to obtain sensitive
CVE-2013-0456
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to hijack sessions
CVE-2012-5936
all versions
IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 do not set the secure flag for the session cookie in
CVE-2012-5766
all versions
Multiple SQL injection vulnerabilities in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remo
CVE-2013-2983
all versions
Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling File Gateway 2.2 and Sterling B2B Integrator allow remote auth
CVE-2013-0455
all versions
Multiple cross-site scripting (XSS) vulnerabilities in IBM Sterling B2B Integrator 5.2.4 and Sterling File Gateway allow remote at
CVE-2012-5937
all versions
Unspecified vulnerability in the CLA2 server in IBM Gentran Integration Suite 4.3, Sterling Integrator 5.0 and 5.1, and Sterling B
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin