Sensitive Information Disclosure in IBM Sterling B2B Integrator Standard Edition
CVE-2024-52905

2.7LOW

Key Information:

Vendor: IBM
Status: Sterling B2b Integrator Standard Edition
Vendor: CVE Published:; 10 March 2025

Summary

The IBM Sterling B2B Integrator Standard Edition versions 6.0.0.0 to 6.1.2.6 and 6.2.0.0 to 6.2.0.3 may allow privileged users to access sensitive database information, potentially compromising data integrity and security. This vulnerability raises significant concerns for organizations relying on this platform for secure business transactions and data management.

Affected Version(s)

Sterling B2B Integrator Standard Edition 6.0.0.0 <= 6.1.2.6

Sterling B2B Integrator Standard Edition 6.2.0.0 <= 6.2.0.3

References

https://www.ibm.com/support/pages/node/7185264

vendor-advisory

CVSS V3.1

Score:

2.7

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 10, 2025
Vulnerability Reserved
Nov 17, 2024