Description
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 could allow an authenticated user belonging to a specific user group to create a user or group with administrative privileges. IBM X-Force ID: 187077.
CVSS breakdown
CVSS 3.0
Integrity
High
Privileges Required
Low
Availability
High
Confidentiality
High
Attack Vector
Network
Attack Complexity
High
User Interaction
None
Scope
Unchanged
RC
Changed
E
Unchanged
RL
O
Affected products
- ibm / sterling_b2b_integrator6.0.0.0 – 6.0.0.0
- ibm / sterling_b2b_integrator5.2.0.0 – 5.2.0.0
- ibm / sterling_b2b_integrator5.2.6.5 – 5.2.6.5
- ibm / sterling_b2b_integrator6.0.3.2 – 6.0.3.2