CVE-2025-36112

CWE-4973 documents3 sources
Severity
5.3MEDIUM
EPSS
0.0%
top 85.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Sterling B2B IntegratorIBM Sterling File Gateway
Timeline
PublishedNov 24

Description

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could reveal sensitive server IP configuration information to an unauthorized user.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages4 packages

NVDibm/sterling_file_gateway6.0.0.06.1.2.7_2+2
CVEListV5ibm/sterling_file_gateway6.0.0.06.1.2.7+2
NVDibm/sterling_b2b_integrator6.0.0.06.1.2.7_2+2
CVEListV5ibm/sterling_b2b_integrator6.0.0.06.1.2.7+2

🔴Vulnerability Details

2
GHSA
GHSA-cvjp-mxwp-pm9w: IBM Sterling B2B Integrator and IBM Sterling File Gateway 62025-11-24
CVEList
IBM Sterling B2B Integrator and IBM Sterling File Gateway information disclosure2025-11-24
CVE-2025-36112 (MEDIUM CVSS 5.3) | IBM Sterling B2B Integrator and IBM | cvebase.io