CVE-2019-4377Information Exposure via Error Message in IBM Sterling B2B Integrator

CWE-209Information Exposure via Error Message3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.2%
top 55.29%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Sterling B2B Integrator
Timeline
PublishedJun 25
Latest updateMay 24

Description

IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 reveals sensitive information from a stack trace that could be used in further attacks against the system. IBM X-Force ID: 162803.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

NVDibm/sterling_b2b_integrator5.2.0.06.0.0.1
CVEListV5ibm/sterling_b2b_integrator6.0.0.0, 6.0.0.1+1

🔴Vulnerability Details

2
GHSA
GHSA-x9r7-5c46-9x5p: IBM Sterling B2B Integrator 62022-05-24
CVEList
CVE-2019-4377: IBM Sterling B2B Integrator 62019-06-25
CVE-2019-4377 — Information Exposure via Error Message | cvebase