Primary

Context

IBM Sterling Connect:Express Adapter for Sterling B2B Integrator Session Fixation Vulnerability

Vulnerability

Patched

A session fixation vulnerability has been identified in the IBM Sterling Connect:Express Adapter for Sterling B2B Integrator, specifically in versions 5.2.0.00 through 5.2.0.12. The vulnerability arises because the application does not invalidate session IDs after they have been used. This oversight could enable an authenticated user to impersonate another user within the system.

Impact

Exploitation of this vulnerability could allow an authenticated user to impersonate another user on the system.

Remediation

Users can upgrade to version 5.2.0.13 to address this vulnerability. Instructions for downloading the update are available on the IBM Support Fix Central website.

Added: Jan 20, 2026, 5:02 PM

Updated: Jan 20, 2026, 5:02 PM

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

1.3

exploitability

6.2

remediation

7.7

relevance

2.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

3.4

impact

1.3

exploitability

6.2

remediation

7.7

relevance

2.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Sterling Connect:Express Adapter for Sterling B2B Integrator Session Fixation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

IBM Sterling Connect:Express Adapter

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating