CVE-2020-4566

Description

IBM Sterling B2B Integrator Standard Edition 5.2.6.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.2 stores potentially highly sensitive information in log files that could be read by an authenticated user. IBM X-Force ID: 184083.

CVSS breakdown

CVSS 3.0

Attack Vector

Network

User Interaction

None

Attack Complexity

Low

Scope

Unchanged

Integrity

None

Availability

None

Privileges Required

Low

Confidentiality

High

Changed

Unchanged

Affected products

ibm / sterling_b2b_integrator5.2.6.0 – 5.2.6.0
ibm / sterling_b2b_integrator6.0.0.0 – 6.0.0.0
ibm / sterling_b2b_integrator5.2.6.5 – 5.2.6.5
ibm / sterling_b2b_integrator6.0.3.2 – 6.0.3.2

References

MISChttps://www.ibm.com/support/pages/node/6367975
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/184083