Sensitive Information Disclosure in IBM Sterling B2B Integrator and File Gateway
CVE-2025-2988

2.7LOW

Key Information:

Vendor: IBM
Status: Sterling B2b Integrator; Sterling File Gateway
Vendor: CVE Published:; 19 August 2025

What is CVE-2025-2988?

A vulnerability exists in IBM Sterling B2B Integrator and IBM Sterling File Gateway which could allow unauthorized users to access sensitive server information. This exposure may facilitate further attacks on the system, compromising data integrity and confidentiality. It is crucial for users of affected versions to implement necessary security measures and apply patches as advised by IBM to mitigate potential risks.

Affected Version(s)

Sterling B2B Integrator 6.0.0.0 <= 6.1.2.7

Sterling B2B Integrator 6.2.0.0 <= 6.2.0.4

Sterling B2B Integrator 6.2.1.0

References

https://www.ibm.com/support/pages/node/7242391

vendor-advisorypatch

CVSS V3.1

Score:

2.7

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 19, 2025
Vulnerability Reserved
Mar 30, 2025