CVE-2013-5407Improper Input Validation in IBM Sterling B2B Integrator

CWE-20Improper Input Validation3 documents3 sources
Severity
4.9MEDIUMNVD
EPSS
0.2%
top 63.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Sterling B2B IntegratorIBM Sterling File Gateway
Timeline
PublishedDec 21
Latest updateMay 17

Description

IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not properly restrict use of FRAME elements, which allows remote authenticated users to bypass intended access restrictions or obtain sensitive information via a crafted web site, related to a "frame injection" issue.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 6.8 | Impact: 4.9

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-gr8h-936h-5xx4: IBM Sterling B2B Integrator 52022-05-17
CVEList
CVE-2013-5407: IBM Sterling B2B Integrator 52013-12-21
CVE-2013-5407 — Improper Input Validation in IBM | cvebase