CVE-2018-1800Sensitive Information Exposure in IBM Sterling B2B Integrator

CWE-200Sensitive Information ExposureCWE-255CWE-667Improper LockingCWE-20Improper Input Validation6 documents4 sources
Severity
4.7MEDIUMNVD
CNA5.1
EPSS
0.0%
top 86.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Sterling B2B Integrator
Timeline
PublishedSep 20
Latest updateMay 13

Description

IBM Sterling B2B Integrator Standard Edition 5.2.6.0 and 6.2.6.1 could allow a local user to obtain highly sensitive information during a short time period when installation is occurring. IBM X-Force ID: 149607.

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.0 | Impact: 3.6

Affected Packages2 packages

NVDibm/sterling_b2b_integrator5.2.6.05.2.6.3+1
CVEListV5ibm/sterling_b2b_integrator5.2.6.0, 5.2.6.3+1

🔴Vulnerability Details

2
GHSA
GHSA-vmhf-hhxg-4fr5: IBM Sterling B2B Integrator Standard Edition 52022-05-13
CVEList
CVE-2018-1800: IBM Sterling B2B Integrator Standard Edition 52018-09-20

📋Vendor Advisories

3
Cisco
Cisco Aironet 1560, 1800, 2800, and 3800 Series Access Points Denial of Service Vulnerability2018-10-17
Cisco
Cisco Aironet 1800, 2800, and 3800 Series Access Points Secure Shell Privilege Escalation Vulnerability2018-05-02
Cisco
Cisco Aironet 1800 Series Access Point 802.11 Denial of Service Vulnerability2018-05-02
CVE-2018-1800 — Sensitive Information Exposure in IBM | cvebase