CVE-2013-0456 — IBM Sterling B2B Integrator vulnerability

4 documents4 sources

Severity

4.0MEDIUMNVD

EPSS

0.2%

top 63.89%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Sterling B2B Integrator IBM Sterling File Gateway

Timeline

PublishedJul 3

Latest updateMay 5

Description

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to hijack sessions via a modified cookie path.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages2 packages

▶NVDibm/sterling_file_gateway2.1, 2.2+1

▶NVDibm/sterling_b2b_integrator5.1, 5.2+1

🔴Vulnerability Details

GHSA

GHSA-6gpf-86q8-wphj: IBM Sterling B2B Integrator 5↗2022-05-05

▶

CVEList

CVE-2013-0456: IBM Sterling B2B Integrator 5↗2013-07-03

▶