Cross-Site Scripting Vulnerability in IBM Sterling B2B Integrator and File Gateway
CVE-2020-4564

5.4MEDIUM

Key Information:

Vendor

IBM
Status
Sterling B2b Integrator
Sterling File Gateway
Vendor
CVE Published:
20 October 2020

What is CVE-2020-4564?

The vulnerability in IBM Sterling B2B Integrator and File Gateway allows attackers to exploit cross-site scripting issues. By embedding arbitrary JavaScript code in the web interface, the functionality of these applications can be altered. This could lead to unauthorized disclosure of sensitive information such as user credentials during a trusted session, posing a significant risk to users' security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Sterling B2B Integrator 5.2.0.0

Sterling B2B Integrator 6.0.3.1

Sterling File Gateway 2.2.0.0

References

https://www.ibm.com/support/pages/node/6349539
x_refsource_CONFIRM
https://www.ibm.com/support/pages/node/6349533
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/183933
vdb-entryx_refsource_XF

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.