Integrator May Confuse Users with Incorrect or Restricted Frame Objects

CVE-2023-42011

4.3MEDIUM

Key Information

Vendor: IBM
Status: Sterling B2b Integrator Standard Edition
Vendor: Published:; 27 June 2024

Summary

IBM Sterling B2B Integrator Standard Edition 6.1 and 6.2 does not restrict or incorrectly restricts frame objects or UI layers that belong to another application or domain, which can lead to user confusion about which interface the user is interacting with. IBM X-Force ID: 265508.

Affected Version(s)

Sterling B2B Integrator Standard Edition = 6.1, 6.2

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

NONE

Integrity:

LOW

Availability:

NONE

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

UNCHANGED

Timeline

Vulnerability published.
Jun 27, 2024
Vulnerability Reserved.
Sep 6, 2023

Collectors

NVD DatabaseMitre Database