cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-42010,https://securityvulnerability.io/vulnerability/CVE-2023-42010,HTTP Responses Vulnerable to Sensitive Information Disclosure,"IBM Sterling B2B Integrator Standard Edition versions 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 are susceptible to a vulnerability that could reveal sensitive information through HTTP responses. This vulnerability is primarily exploitable using man-in-the-middle techniques, potentially allowing malicious actors to intercept and view confidential data during transmission. Organizations using the affected versions should review their security protocols and apply necessary fixes to mitigate the risks involved.",IBM,Sterling B2b Integrator Standard Edition,3.7,LOW,0.0004600000102072954,false,false,false,false,,false,false,2024-07-17T17:18:38.043Z,0
CVE-2023-42014,https://securityvulnerability.io/vulnerability/CVE-2023-42014,IBM Sterling B2B Integrator vulnerable to Cross-Site Scripting,IBM Sterling B2B Integrator Standard Edition versions 6.0.0.0 through 6.2.0.2 are exposed to a cross-site scripting issue that could allow authenticated users to inject arbitrary JavaScript code into the web interface. This manipulation of the web UI can compromise the expected functionality of the application and exposes users to potential credential disclosure risks during trusted sessions. Organizations using these versions must implement remediation strategies to protect against such threats.,IBM,Sterling B2b Integrator Standard Edition,5.4,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-06-27T18:00:42.773Z,0
CVE-2023-42011,https://securityvulnerability.io/vulnerability/CVE-2023-42011,Integrator May Confuse Users with Incorrect or Restricted Frame Objects,"IBM Sterling B2B Integrator Standard Edition versions 6.1 and 6.2 exhibit a vulnerability where frame objects or UI layers from another application or domain might not be properly restricted. This flaw can create confusion for users as it increases the risk of interacting with elements from different interfaces. As a result, users may find themselves unsure of which application they are currently using, potentially leading to erroneous actions and breaches in operational protocols. Addressing this issue is crucial for maintaining clarity and integrity in user interactions.",IBM,Sterling B2b Integrator Standard Edition,5.4,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-06-27T17:39:04.750Z,0
CVE-2023-25682,https://securityvulnerability.io/vulnerability/CVE-2023-25682,IBM Sterling B2B Integrator information disclosure,IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.8 and 6.1.0.0 through 6.1.2.1 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 247034.,IBM,Sterling B2B Integrator Standard Edition,5.5,MEDIUM,0.0004199999966658652,false,false,false,false,,false,false,2023-11-22T19:15:00.000Z,0
CVE-2022-43578,https://securityvulnerability.io/vulnerability/CVE-2022-43578,IBM Sterling B2B Integrator Standard Edition cross-site scripting,IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 238683.,IBM,Sterling B2b Integrator Standard Edition,4.6,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2023-02-22T17:39:20.878Z,0
CVE-2022-40231,https://securityvulnerability.io/vulnerability/CVE-2022-40231,IBM Sterling B2B Integrator Standard Edition improper access control,IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 could allow an authenticated user to perform unauthorized actions due to improper access controls. IBM X-Force ID: 235533.,IBM,Sterling B2b Integrator Standard Edition,4.3,MEDIUM,0.0008099999977275729,false,false,false,false,,false,false,2023-02-17T18:22:51.727Z,0
CVE-2022-43579,https://securityvulnerability.io/vulnerability/CVE-2022-43579,IBM Sterling B2B Integrator Standard Edition cross-site scripting,IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 238684.,IBM,Sterling B2b Integrator Standard Edition,4.6,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2023-02-17T18:15:16.142Z,0
CVE-2022-40232,https://securityvulnerability.io/vulnerability/CVE-2022-40232,IBM Sterling B2B Integrator Standard Edition improper access control,"IBM Sterling B2B Integrator Standard Edition 6.1.0.0 through 6.1.1.1, and 6.1.2.0 could allow an authenticated user to perform actions they should not have access to due to improper permission controls. IBM X-Force ID: 235597.",IBM,Sterling B2b Integrator Standard Edition,6.3,MEDIUM,0.0009200000204145908,false,false,false,false,,false,false,2023-02-17T17:44:47.900Z,0
CVE-2022-22337,https://securityvulnerability.io/vulnerability/CVE-2022-22337,IBM Sterling B2B Integrator Standard Edition information disclosure,IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 could disclose sensitive information to an authenticated user. IBM X-Force ID: 219507.,IBM,Sterling B2b Integrator Standard Edition,4.3,MEDIUM,0.0005600000149570405,false,false,false,false,,false,false,2023-01-04T17:50:06.533Z,0
CVE-2022-22338,https://securityvulnerability.io/vulnerability/CVE-2022-22338,IBM Sterling B2B Integrator Standard Edition SQL injection,"IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 219510.",IBM,Sterling B2b Integrator Standard Edition,6.3,MEDIUM,0.001120000029914081,false,false,false,false,,false,false,2023-01-04T17:41:40.371Z,0
CVE-2022-22371,https://securityvulnerability.io/vulnerability/CVE-2022-22371,IBM Sterling B2B Integrator Standard Edition session fixation,IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 does not invalidate session after a password change which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 221195.,IBM,Sterling B2b Integrator Standard Edition,5.5,MEDIUM,0.0005200000014156103,false,false,false,false,,false,false,2023-01-04T17:31:51.591Z,0
CVE-2021-38928,https://securityvulnerability.io/vulnerability/CVE-2021-38928,IBM Sterling B2B Integrator Standard Edition cross-origin resource sharing,IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains. IBM X-Force ID: 210323.,IBM,Sterling B2b Integrator Standard Edition,5.4,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2023-01-04T17:26:59.970Z,0
CVE-2022-43920,https://securityvulnerability.io/vulnerability/CVE-2022-43920,IBM Sterling B2B Integrator Standard Edition privilege escalation,IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 could allow an authenticated user to gain privileges in a different group due to an access control vulnerability in the Sftp server adapter. IBM X-Force ID: 241362.,IBM,Sterling B2b Integrator Standard Edition,6.3,MEDIUM,0.0008099999977275729,false,false,false,false,,false,false,2023-01-04T17:21:07.011Z,0
CVE-2022-22352,https://securityvulnerability.io/vulnerability/CVE-2022-22352,IBM Sterling B2B Integrator Standard Edition cross-site scripting,IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 220398.,IBM,Sterling B2b Integrator Standard Edition,5.4,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2023-01-04T17:00:11.456Z,0