IBM Sterling B2B Integrator
Moderate fix2 remedies
cpe:2.3:a:ibm:sterling_b2b_integrator:*:*:*:*:*:*:*
Moderate fix2 remedies
- >= 6.2.0.0, <= 6.2.0.5
- 6.2.1.0
IBM Sterling B2B Integrator and File Gateway Information Disclosure Vulnerability
Vulnerability
Patched
An information disclosure vulnerability has been identified in IBM Sterling B2B Integrator versions 6.2.0.0 through 6.2.0.5 and 6.2.1.0, as well as in IBM Sterling File Gateway versions 6.2.0.0 through 6.2.0.5 and 6.2.1.0. This vulnerability arises because user credentials are stored in configuration files that can be accessed by local users.
Impact
Exploitation of this vulnerability allows local users to read stored user credentials, potentially leading to unauthorized access or actions within the application.
Remediation
Users can upgrade to IBM Sterling B2B Integrator or IBM Sterling File Gateway version 6.2.0.5_1 or 6.2.1.1. The IIM versions of 6.2.0.5_1 and 6.2.1.1 are available on Fix Central. The container versions of 6.2.0.5_1 and 6.2.1.1 are available in the IBM Entitled Registry.
Added: Oct 16, 2025, 3:24 PM
Updated: Oct 16, 2025, 4:30 PM
Vulnerability Rating
Custom Algorithm
spread
2.6impact
2.5exploitability
3.5remediation
7.7relevance
0.7threat
0.0urgency
2.9incentive
1.7Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.