CVE-2020-4671

Description

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 stores potentially sensitive information in log files that could be read by an authenticatedl user. IBM X-Force ID: 186284.

CVSS breakdown

CVSS 3.0

Attack Vector

Network

Scope

Unchanged

User Interaction

None

Attack Complexity

Low

Availability

None

Privileges Required

Low

Integrity

None

Confidentiality

High

Changed

Unchanged

Affected products

ibm / sterling_b2b_integrator6.0.0.0 – 6.0.0.0
ibm / sterling_b2b_integrator5.2.0.0 – 5.2.0.0
ibm / sterling_b2b_integrator5.2.6.5 – 5.2.6.5
ibm / sterling_b2b_integrator6.0.3.2 – 6.0.3.2

References

MISChttps://www.ibm.com/support/pages/node/6368001
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/186284