CVE-2019-4738

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.1 discloses sensitive information to an authenticated user from the dashboard UI which could be used in further attacks against the system. IBM X-Force ID: 172753.

Published: Dec 11, 2020
Updated: Apr 13, 2023
CVE: CVE-2019-4738
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

CWE-312

OWASP TOP 10:

A3 - Sensitive Data Exposure

Affected Software
References

Software	From	Fixed in
ibm / sterling_b2b_integrator	5.2.0.0	5.2.6.5.x
ibm / sterling_b2b_integrator	6.0.0.0	6.0.3.1.x

https://exchange.xforce.ibmcloud.com/vulnerabilities/172753
https://www.ibm.com/support/pages/node/6380390

Vulnerability Database

289,697

CVE-2019-4738