CVE-2013-5407

IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not properly restrict use of FRAME elements, which allows remote authenticated users to bypass intended access restrictions or obtain sensitive information via a crafted web site, related to a "frame injection" issue.

Published: Dec 21, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-5407
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.9
AV:N/AC:M/Au:S/C:P/I:P/A:N

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
ibm / sterling_b2b_integrator	5.2	5.2.x
ibm / sterling_file_gateway	2.2	2.2.x

http://www-01.ibm.com/support/docview.wss?uid=swg1IC96057
http://www-01.ibm.com/support/docview.wss?uid=swg21657539
https://exchange.xforce.ibmcloud.com/vulnerabilities/87356

Vulnerability Database

289,784

CVE-2013-5407