CVE-2015-5019 — IBM Sterling B2B Integrator vulnerability

CWE-2643 documents3 sources

Severity

5.5MEDIUMNVD

EPSS

0.1%

top 67.01%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Sterling B2B Integrator IBM Sterling Integrator

Timeline

PublishedNov 8

Latest updateMay 17

Description

IBM Sterling Integrator 5.1 before 5010004_8 and Sterling B2B Integrator 5.2 before 5020500_9 allow remote authenticated users to read or upload files by leveraging a password-change requirement.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 8.0 | Impact: 4.9

Affected Packages2 packages

▶NVDibm/sterling_integrator5.1

▶NVDibm/sterling_b2b_integrator5.2

🔴Vulnerability Details

GHSA

GHSA-gg4v-v8j8-ph43: IBM Sterling Integrator 5↗2022-05-17

▶

CVEList

CVE-2015-5019: IBM Sterling Integrator 5↗2015-11-08

▶