CVE-2014-6199 — IBM Sterling B2B Integrator vulnerability

CWE-3993 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

1.9%

top 16.83%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Sterling B2B Integrator IBM Sterling File Gateway

Timeline

PublishedJan 10

Latest updateMay 17

Description

The HTTP Server Adapter in IBM Sterling B2B Integrator 5.1 and 5.2.x and Sterling File Gateway 2.1 and 2.2 allows remote attackers to cause a denial of service (connection-slot exhaustion) via a crafted HTTP request.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDibm/sterling_file_gateway2.1, 2.2+1

▶NVDibm/sterling_b2b_integrator8 versions+7

🔴Vulnerability Details

GHSA

GHSA-g9j3-mxqf-7q34: The HTTP Server Adapter in IBM Sterling B2B Integrator 5↗2022-05-17

▶

CVEList

CVE-2014-6199: The HTTP Server Adapter in IBM Sterling B2B Integrator 5↗2015-01-10

▶