CVE-2016-5890 — IBM Sterling B2B Integrator vulnerability

CWE-2553 documents3 sources

Severity

5.3MEDIUMNVD

EPSS

0.2%

top 62.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Sterling B2B Integrator

Timeline

PublishedNov 30

Latest updateMay 17

Description

IBM Sterling B2B Integrator 5.2 before 5020500_14 and 5.2 06 before 5020602_1 allows remote authenticated users to change arbitrary passwords via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:NExploitability: 1.6 | Impact: 3.6

Affected Packages1 packages

▶NVDibm/sterling_b2b_integrator5.2

Patches

Patch: www-01.ibm.com ↗Patch: www-01.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-vx9x-x99p-f8g7: IBM Sterling B2B Integrator 5↗2022-05-17

▶

CVEList

CVE-2016-5890: IBM Sterling B2B Integrator 5↗2016-11-30

▶