CVE-2025-36002
published 2025-10-16CVE-2025-36002: IBM Sterling B2B Integrator 6.2.0.0 through 6.2.0.5, and 6.2.1.0 and IBM Sterling File Gateway 6.2.0.0 through 6.2.0.5, and 6.2.1.0 stores user credentials in…
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
IBM Sterling B2B Integrator 6.2.0.0 through 6.2.0.5, and 6.2.1.0 and IBM Sterling File Gateway 6.2.0.0 through 6.2.0.5, and 6.2.1.0 stores user credentials in configuration files which can be read by a local user.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | sterling_b2b_integrator | — | — |
| ibm | sterling_b2b_integrator | >= 6.2.0.0 < 6.2.0.5_1 | 6.2.0.5_1 |
| ibm | sterling_b2b_integrator | 6.2.0.0 – 6.2.0.5 | — |
| ibm | sterling_file_gateway | — | — |
| ibm | sterling_file_gateway | >= 6.2.0.0 < 6.2.0.5_1 | 6.2.0.5_1 |
| ibm | sterling_file_gateway | 6.2.0.0 – 6.2.0.5 | — |